Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
http://www.tellthedream.com/wpp-adobe/adobe.php

Overview

General Information

Sample URL:http://www.tellthedream.com/wpp-adobe/adobe.php
Analysis ID:1517647
Infos:

Detection

Score:76
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

AI detected phishing page
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for domain / URL
Multi AV Scanner detection for submitted file
Phishing site detected (based on favicon image match)
HTML body contains low number of good links
HTML body with high number of embedded images detected
HTML body with high number of large embedded background images detected
HTML title does not match URL
None HTTPS page querying sensitive user data (password, username or email)
Stores files to the Windows start menu directory
Suspicious form URL found
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • chrome.exe (PID: 2848 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 3856 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1972,i,10763147438608566531,18013151587605379891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • chrome.exe (PID: 6528 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.tellthedream.com/wpp-adobe/adobe.php" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: http://www.tellthedream.com/wpp-adobe/adobe.phpAvira URL Cloud: detection malicious, Label: phishing
Source: http://www.tellthedream.com/wpp-adobe/adobe.phpSlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering
Multi AV Scanner detection for domain / URL
Source: www.tellthedream.comVirustotal: Detection: 5%Perma Link
Multi AV Scanner detection for submitted file
Source: http://www.tellthedream.com/wpp-adobe/adobe.phpVirustotal: Detection: 13%Perma Link

Phishing

barindex
AI detected phishing page
Source: http://www.tellthedream.com/wpp-adobe/adobe.phpLLM: Score: 9 Reasons: The provided URL 'www.tellthedream.com' does not match the legitimate domain 'adobe.com'., The domain 'tellthedream.com' does not have any known association with Adobe., The URL structure and domain name do not align with typical Adobe web properties., The domain name 'tellthedream.com' appears unrelated to Adobe's brand or services, which is a common tactic in phishing attempts. DOM: 0.0.pages.csv
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=LLM: Score: 9 Reasons: The provided URL 'www.tellthedream.com' does not match the legitimate domain 'adobe.com'., The domain 'tellthedream.com' does not have any known association with Adobe., The URL structure and domain name do not align with typical Adobe-related URLs., The domain name 'tellthedream.com' appears unrelated to Adobe's services or products, which raises suspicion. DOM: 1.2.pages.csv
Phishing site detected (based on favicon image match)
Source: http://www.tellthedream.com/wpp-adobe/adobe.phpMatcher: Template: adobe matched with high similarity
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=Matcher: Template: adobe matched with high similarity
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: Number of links: 0
Source: http://www.tellthedream.com/wpp-adobe/adobe.phpHTTP Parser: Total embedded image size: 14447
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: Total embedded image size: 22279
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: Total embedded background img size: 203631
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: Title: Adobe ID does not match URL
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: Has password / email / username input fields
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: Form action: token.php?email=
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: <input type="password" .../> found
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: No <meta name="author".. found
Source: http://www.tellthedream.com/wpp-adobe/callback.php?email=HTTP Parser: No <meta name="copyright".. found
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49726 version: TLS 1.0
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49714 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49726 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 20.114.59.183
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=kV5pTU8cRDMHksb&MD=svk6moaW HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=kV5pTU8cRDMHksb&MD=svk6moaW HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /wpp-adobe/adobe.php HTTP/1.1Host: www.tellthedream.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /wpp-adobe/callback.php?email= HTTP/1.1Host: www.tellthedream.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9
Source: global trafficDNS traffic detected: DNS query: www.tellthedream.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: unknownHTTP traffic detected: POST /threshold/xls.aspx HTTP/1.1Origin: https://www.bing.comReferer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: */*Accept-Language: en-CHContent-type: text/xmlX-Agent-DeviceId: 01000A410900D492X-BM-CBT: 1696428841X-BM-DateFormat: dd/MM/yyyyX-BM-DeviceDimensions: 784x984X-BM-DeviceDimensionsLogical: 784x984X-BM-DeviceScale: 100X-BM-DTZ: 120X-BM-Market: CHX-BM-Theme: 000000;0078d7X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66EX-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22X-Device-isOptin: falseX-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}X-Device-OSSKU: 48X-Device-Touch: falseX-DeviceID: 01000A410900D492X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticshX-MSEdge-ExternalExpType: JointCoordX-PositionerType: DesktopX-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUIX-Search-CortanaAvailableCapabilities: NoneX-Search-SafeSearch: ModerateX-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard TimeX-UserAgeClass: UnknownAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: www.bing.comContent-Length: 2484Connection: Keep-AliveCache-Control: no-cacheCookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1727234520893&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHUID=V=2&GUID=3D32B8AC657C4AD781A584E283227995&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231004; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756; CortanaAppUID=5A290E2CC4B523E2D8B5E2E3E4CB7CB7; MUIDB=2F4E96DB8B7049E59AD4484C3C00F7CF
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49703 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49703
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49714 version: TLS 1.2
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49715 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49718 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.114.59.183:443 -> 192.168.2.5:49729 version: TLS 1.2
Source: classification engineClassification label: mal76.phis.win@22/12@4/5
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1972,i,10763147438608566531,18013151587605379891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.tellthedream.com/wpp-adobe/adobe.php"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1972,i,10763147438608566531,18013151587605379891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: Google Drive.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Registry Run Keys / Startup Folder		1
Process Injection		1
Masquerading		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
Registry Run Keys / Startup Folder		1
Process Injection		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media3
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Obfuscated Files or Information		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive4
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture1
Ingress Tool Transfer		Traffic DuplicationData Destruction

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
http://www.tellthedream.com/wpp-adobe/adobe.php100%Avira URL Cloudphishing
http://www.tellthedream.com/wpp-adobe/adobe.php14%VirustotalBrowse
http://www.tellthedream.com/wpp-adobe/adobe.php100%SlashNextCredential Stealing type: Phishing & Social Engineering

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
www.tellthedream.com5%VirustotalBrowse
bg.microsoft.map.fastly.net0%VirustotalBrowse
www.google.com0%VirustotalBrowse
tellthedream.com2%VirustotalBrowse
fp2e7a.wpc.phicdn.net0%VirustotalBrowse

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
bg.microsoft.map.fastly.net
199.232.214.172
truefalseunknown
tellthedream.com
213.5.70.137
truetrueunknown
www.google.com
172.217.16.132
truefalseunknown
fp2e7a.wpc.phicdn.net
192.229.221.95
truefalseunknown
www.tellthedream.com
unknown
unknowntrueunknown

Contacted URLs

NameMaliciousAntivirus DetectionReputation
http://www.tellthedream.com/wpp-adobe/adobe.phptrue
    		unknown
    http://www.tellthedream.com/wpp-adobe/callback.php?email=true
      		unknown

      World Map of Contacted IPs

      • No. of IPs < 25%
      • 25% < No. of IPs < 50%
      • 50% < No. of IPs < 75%
      • 75% < No. of IPs

      Public IPs

      IPDomainCountryFlagASNASN NameMalicious
      213.5.70.137
      		tellthedream.comNetherlands
      		51430ALTUSNLtrue
      239.255.255.250
      		unknownReserved
      		unknownunknownfalse
      172.217.16.132
      		www.google.comUnited States
      		15169GOOGLEUSfalse

      Private

      IP
      192.168.2.6
      192.168.2.5

      General Information

      Joe Sandbox version:41.0.0 Charoite
      Analysis ID:1517647
      Start date and time:2024-09-25 05:21:22 +02:00
      Joe Sandbox product:CloudBasic
      Overall analysis duration:0h 3m 46s
      Hypervisor based Inspection enabled:false
      Report type:full
      Cookbook file name:browseurl.jbs
      Sample URL:http://www.tellthedream.com/wpp-adobe/adobe.php
      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
      Number of analysed new started processes analysed:8
      Number of new started drivers analysed:0
      Number of existing processes analysed:0
      Number of existing drivers analysed:0
      Number of injected processes analysed:0
      Technologies:
      • HCA enabled
      • EGA enabled
      • AMSI enabled
      Analysis Mode:default
      Analysis stop reason:Timeout
      Detection:MAL
      Classification:mal76.phis.win@22/12@4/5
      EGA Information:Failed
      HCA Information:
      • Successful, ratio: 100%
      • Number of executed functions: 0
      • Number of non-executed functions: 0
      Cookbook Comments:
      • Browse: https://www.adobe.com/br/legal/terms-linkfree.html
      • Browse: https://www.adobe.com/go/privacy_policy_linkfree_br
      • Browse: https://www.adobe.com/privacy/us-rights-linkfree.html

      Warnings

      • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
      • Excluded IPs from analysis (whitelisted): 142.250.184.227, 142.250.186.46, 64.233.184.84, 34.104.35.123, 142.250.184.202, 216.58.206.42, 142.250.185.106, 142.250.181.234, 142.250.185.234, 142.250.185.74, 142.250.185.202, 142.250.184.234, 172.217.18.10, 142.250.185.138, 142.250.186.42, 142.250.185.170, 172.217.16.138, 216.58.206.74, 142.250.186.170, 142.250.186.106, 199.232.214.172, 192.229.221.95, 2.16.202.107, 2.16.202.98, 13.85.23.206, 20.242.39.171, 142.250.186.35, 2.16.164.115, 2.16.164.83, 216.58.206.46, 142.250.185.195
      • Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, stls.adobe.com-cn.edgesuite.net.globalredir.akadns.net, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, stls.adobe.com-cn.edgesuite.net, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, a1815.dscr.akamai.net, update.googleapis.com, clients.l.google.com, www.gstatic.com, wu-b-net.trafficmanager.net, www.adobe.com
      • Not all processes where analyzed, report is missing behavior information
      • Report size getting too big, too many NtSetInformationFile calls found.
      • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

      Simulations

      Behavior and APIs

      No simulations

      LLM Input / Output

      Joe Sandbox View / Context

      IPs

      No context

      Domains

      No context

      ASNs

      No context

      JA3 Fingerprints

      No context

      Dropped Files

      No context

      Created / dropped Files

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 02:22:17 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2677
      Entropy (8bit):3.983997524822213
      Encrypted:false
      SSDEEP:48:8ed2TyWSHIidAKZdA19ehwiZUklqehs5y+3:8XHRjy
      MD5:8EC38966E75B112AB255C0AA29A5DF22
      SHA1:09F659C9278DC210629F907FC6431B15DB6934C6
      SHA-256:ECF54926C4DE2A6AF6389E7D4502397522AEEF6C8940FB8D15E18889C546C05B
      SHA-512:CB9BB5B4CB47AAB0D03E33A097DEF44D36350458FECE6DFCF8EAE1B3E486B3CCEA666007EC505B028127F9B688536210D7CEF8B262554E7D6FBE8029080E6563
      Malicious:false
      Reputation:low
      Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I9Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............zg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 02:22:17 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2679
      Entropy (8bit):3.9982058592391945
      Encrypted:false
      SSDEEP:48:8dd2TyWSHIidAKZdA1weh/iZUkAQkqehh5y+2:8mHj9Qey
      MD5:99F88164484CF59B42DDFDEB1A1F0F28
      SHA1:B55823880A1B5C3B378E8326C8DD5A50647EB4B2
      SHA-256:99BFB4A9E6979433D061CC9BD57861C3B0D88D72232D62508FE790721417A751
      SHA-512:044D5A446FDDBAB157E0280413E4DD4F25F6294EF5A5792C04C91A96D4277EC612329DEAEFD81A0F341B0522BF1DCC9213D248B7D7BDAB6B69617802B8FC0F73
      Malicious:false
      Reputation:low
      Preview:L..................F.@.. ...$+.,............N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I9Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............zg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2693
      Entropy (8bit):4.008673208220065
      Encrypted:false
      SSDEEP:48:8xXd2TyWsHIidAKZdA14tseh7sFiZUkmgqeh7sf5y+BX:8x4HNn3y
      MD5:9EA55B401A97EE4FBB008D550A595BC2
      SHA1:9B892013304EEE10BE3B5A03B15795EB19BB3613
      SHA-256:CC781EA36D1514502669B96DAF1D29166257CD2778E3CD9FF9D7D47D9B255BED
      SHA-512:E90AC4DEC70606157D251DC36175B3F254F6239842DC8AB2CE78D5052B57179920B24EF896A39A7FE0A225D75BAF626F056D9BA36219C6E101FE0312CA284A56
      Malicious:false
      Reputation:low
      Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I9Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............zg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 02:22:17 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2681
      Entropy (8bit):3.9979153762297956
      Encrypted:false
      SSDEEP:48:8xd2TyWSHIidAKZdA1vehDiZUkwqehl5y+R:8SHA5y
      MD5:3ACEAEFC719E3E7D054C70FBC3A3DC10
      SHA1:7016F62BBFD299EDBB9693E1BD2DDB0F9703B49A
      SHA-256:B6F8831E1C52EC174AAE33CE7B812161BA1EE177E138F3E610F128D58623F86E
      SHA-512:123DF002679383AB2DEB0894F3054B41D5DDD66B3EA3662A87DE26C54BB6A29B0BA72477FCFE80F3AA566D03DD4735982BB3D081EDC0E628573CCB082B31A66E
      Malicious:false
      Reputation:low
      Preview:L..................F.@.. ...$+.,....((......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I9Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............zg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 02:22:17 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2681
      Entropy (8bit):3.9843283751635368
      Encrypted:false
      SSDEEP:48:8Pod2TyWSHIidAKZdA1hehBiZUk1W1qehb5y+C:8pHg9ly
      MD5:A1988C95CD2232BC261303C418815FA4
      SHA1:153F9E0219E926200521A298F89FDC1D71E01236
      SHA-256:794811455F6F8753A6285998C38D5174295BBA8919699C16157A0C7C933635DF
      SHA-512:C8AC5CD35AD134F1E5A267FD872E33FEEEDEE864E4F04FBAD920E9883DED66C2186CF1E82FCBD960332EC3D356E98B0618F79F13EEC8A85EC404A2E36E5233B2
      Malicious:false
      Reputation:low
      Preview:L..................F.@.. ...$+.,...._s......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I9Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............zg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Sep 25 02:22:17 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
      Category:dropped
      Size (bytes):2683
      Entropy (8bit):3.9967001997386427
      Encrypted:false
      SSDEEP:48:8Gd2TyWSHIidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbd5y+yT+:8fHuT/TbxWOvTb3y7T
      MD5:826B19C942D652AE2B8B10A430C3E869
      SHA1:8ABB9E243FAF720FC5A0ED4A953FF17692BD9A4C
      SHA-256:FFF51D56AE368B6B7F3B5D04DF158EB5DD45A2F45DD3B29015DBAB6262B7226E
      SHA-512:D83347EE584D7F3E36E0DB47D8E376F74138CA1E2AE2AB35E2D5D5566501A45B772FAB5C90581A3FCBB87BDFAFD059F3940BEF534234AC999367D4265F1F505C
      Malicious:false
      Reputation:low
      Preview:L..................F.@.. ...$+.,....J5......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I9Y......B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V9Y......L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V9Y......M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V9Y............................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V9Y.............................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i.............zg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

      Chrome Cache Entry: 66

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:HTML document, ASCII text, with very long lines (57030)
      Category:downloaded
      Size (bytes):316595
      Entropy (8bit):6.082361184957138
      Encrypted:false
      SSDEEP:6144:4o0paVDpZ3A6TpMoBEDYV8aYq22HdoT0LxL7H6:5B73AABBcrvuoILg
      MD5:6FBA518258682C91729191BB3D62897F
      SHA1:603AA3DEECBCA5B89AF2E9FDA49E17CAAFB13066
      SHA-256:389860CBF97F64C3EFF108B3948C719CE7C1F337B2FD8835A92B832BC6C50BB9
      SHA-512:D18335FB4652CAA25E7AA13CD795E5631FB31ACB5E63F2745890E6E31563D19EA68E3B52FB9C6DE8C4CFB4B3F12A48BDFA26CC5E45CCAA8E3C6960D269EF43C1
      Malicious:false
      Reputation:low
      URL:http://www.tellthedream.com/wpp-adobe/adobe.php
      Preview:.<!DOCTYPE html> <html lang=pt class="wf-adobeclean-n4-active wf-adobeclean-n7-active wf-adobeclean-n3-active wf-active">.<meta charset=utf-8><meta http-equiv=x-ua-compatible content="ie=edge">..<script>.setTimeout(function (){ window.location.href= 'callback.php?email=';},3000);.</script>..<title>Atualizar o Adobe PDF Reader</title><meta name=viewport content="width=device-width,initial-scale=1,viewport-fit=cover,maximum-scale=1"><meta name=description content="Adobe ID"><style>.Canvas-Layout.Canvas-Layout--susi-loaded{visibility:visible!important}.Canvas-Layout--susi-loaded.Canvas-Layout--with-footer .Canvas-Footer{display:flex}@media screen and (min-width:1024px){}@media screen and (min-width:1024px){}@media screen and (min-width:1280px){}@media screen and (min-width:510px){}</style><style>@media screen and (min-width:510px){}</style><style>.spectrum-Link{background-color:rgba(0,0,0,0);-webkit-text-decoration-skip:objects;text-decoration:none;outline:0}.spectrum--lightest .spectrum-

      Chrome Cache Entry: 67

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:HTML document, ASCII text, with very long lines (53591)
      Category:downloaded
      Size (bytes):351837
      Entropy (8bit):6.096442309571057
      Encrypted:false
      SSDEEP:6144:aonNr+DtW4RlUyzN6s9xtxq22HdoT0LxL7HUPq:pNyDtf9wgvuoILSi
      MD5:39B623B818D7A317567659A6CA11C78B
      SHA1:124396893A73E99BB0B46693B88C27B187C695EE
      SHA-256:6611255A6DB219C6B0A4FAA206DB8006E35FFD316786249F43863785ABCC5C78
      SHA-512:756462522E31FDD81651B08ADBF200BB838C996B95913F7D3E2BEDFDF44CA7F9080A4E061169F4F37A86E1996647FE94FA1E31D76415F715E62E6D00FC134BDE
      Malicious:false
      Reputation:low
      URL:http://www.tellthedream.com/wpp-adobe/callback.php?email=
      Preview:.<!DOCTYPE html>.<html lang=pt data-arp class="wf-adobeclean-n4-active wf-adobeclean-n7-active wf-adobeclean-n3-active wf-active">.<meta charset=utf-8><meta http-equiv=x-ua-compatible content="ie=edge"><title>Adobe ID</title><meta name=viewport content="width=device-width,initial-scale=1,viewport-fit=cover,maximum-scale=1"><meta name=description content="Adobe ID"><style>.Canvas-Layout.Canvas-Layout--susi-loaded{visibility:visible!important}.Canvas-Layout--susi-loaded.Canvas-Layout--with-footer .Canvas-Footer{display:flex}@media screen and (min-width:1024px){}@media screen and (min-width:1024px){}@media screen and (min-width:1280px){}@media screen and (min-width:510px){}</style><style>@media screen and (min-width:510px){}</style><style>.spectrum-Button{display:-ms-inline-flexbox;display:-webkit-inline-box;display:-webkit-inline-flex;display:-moz-inline-box;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;-ms-flex-align:center;-webkit-box-align:center;-webkit-align-items:center;

      Chrome Cache Entry: 68

      Download File
      Process:C:\Program Files\Google\Chrome\Application\chrome.exe
      File Type:ASCII text, with no line terminators
      Category:downloaded
      Size (bytes):28
      Entropy (8bit):4.378783493486175
      Encrypted:false
      SSDEEP:3:qinPt:qyPt
      MD5:4C42AB4890733A2B01B1B3269C4855E7
      SHA1:5B68BFE664DCBC629042EA45C23954EEF1A9F698
      SHA-256:F69E8FC1414A82F108CFA0725E5211AF1865A9CEA342A5F01E6B2B5ABE47E010
      SHA-512:0631C6EFD555699CB2273107FE5AF565FEC2234344E2D412C23E4EE43C6D721CB2B058764622E44FD544D840FF64D7C866565E280127C701CAAB0A48C35D4F5C
      Malicious:false
      Reputation:low
      URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISFwmIHD1GSYZeGhIFDYOoWz0SBQ3OQUx6?alt=proto
      Preview:ChIKBw2DqFs9GgAKBw3OQUx6GgA=

      Static File Info

      No static file info

      Network Behavior

      Network Port Distribution

      TCP Packets

      TimestampSource PortDest PortSource IPDest IP
      Sep 25, 2024 05:22:10.644103050 CEST49675443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:10.644108057 CEST49674443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:10.737854958 CEST49673443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:17.783411026 CEST4970980192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:17.783857107 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:17.788367033 CEST8049709213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:17.788707018 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:17.788815022 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:17.788815022 CEST4970980192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:17.792134047 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:17.796978951 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411060095 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411118031 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411151886 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411171913 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.411186934 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411225080 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411243916 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.411276102 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411308050 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411331892 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.411341906 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411376953 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411428928 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.411442041 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.411470890 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.416376114 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.416412115 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.416452885 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.416487932 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.460144043 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501409054 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501425028 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501439095 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501455069 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501471043 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501482964 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501487970 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501540899 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501549006 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501558065 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501576900 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501590967 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501605988 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501610041 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501622915 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501637936 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501646042 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501653910 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501669884 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501687050 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501705885 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501720905 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501737118 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501759052 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501899958 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501918077 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501934052 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.501946926 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.501972914 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.502408981 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.502424955 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.502473116 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.502566099 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.507329941 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.507405996 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.507481098 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.549010992 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.586460114 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586493015 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586518049 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586533070 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586549044 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586564064 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586575985 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.586582899 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586618900 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.586832047 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586847067 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586868048 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586874962 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.586894989 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586910009 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.586911917 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.586949110 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.587414026 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.587443113 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.587460041 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.587487936 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.587528944 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.587544918 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.587562084 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.587572098 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.587598085 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.587718010 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.588310003 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.588325024 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.588340998 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.588361025 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.588388920 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.588397026 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.588413000 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.588428974 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.588443995 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.588458061 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.588486910 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.589206934 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.589224100 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.589232922 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.589293003 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.589298964 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.589314938 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.589332104 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.589344025 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.589349031 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.589370012 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.590131044 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590147972 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590173960 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590182066 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.590187073 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590204000 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590214968 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.590229034 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590241909 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.590245962 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590296984 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.590913057 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590928078 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590960979 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590971947 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.590979099 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.590996981 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.591011047 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.591027021 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.591061115 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674019098 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674079895 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674114943 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674144983 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674150944 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674186945 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674216032 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674222946 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674263000 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674269915 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674297094 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674333096 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674340963 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674374104 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674406052 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674426079 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674459934 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674491882 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674509048 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674568892 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674602985 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674616098 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674639940 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674673080 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674685955 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.674709082 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674743891 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.674761057 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.675101042 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675117016 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675132990 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675146103 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.675178051 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675187111 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.675194979 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675213099 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675230026 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675234079 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.675272942 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.675328016 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675343990 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675359011 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675376892 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675389051 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.675401926 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.675417900 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676022053 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676038027 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676053047 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676069975 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676085949 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676098108 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676103115 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676120996 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676151991 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676407099 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676455021 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676465034 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676482916 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676520109 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676549911 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676565886 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676588058 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676604986 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676605940 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676645041 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676656008 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676671982 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676687002 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676704884 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676711082 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.676722050 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.676745892 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.677342892 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677390099 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677391052 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.677407026 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677447081 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.677479982 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677496910 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677519083 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677536011 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677536964 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.677572966 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.677578926 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677598000 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677613974 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677628994 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677637100 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.677645922 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.677669048 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.678256035 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.678302050 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.678316116 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.678317070 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.678358078 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.678363085 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.678378105 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.678394079 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.678421021 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.732094049 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762104034 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762171030 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762237072 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762238979 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762289047 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762322903 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762330055 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762373924 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762408972 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762418032 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762443066 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762491941 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762497902 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762531042 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762564898 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762578964 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762599945 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762634993 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762643099 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762686014 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762721062 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762732983 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762761116 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762795925 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762806892 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762830973 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762865067 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762876034 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762900114 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762936115 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.762949944 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.762969971 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763003111 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763021946 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763037920 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763071060 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763082027 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763106108 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763139963 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763159990 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763173103 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763209105 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763223886 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763250113 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763284922 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763303995 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763336897 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763374090 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763389111 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763428926 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763477087 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763484001 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763519049 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763552904 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763576984 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763602972 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763638020 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763657093 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763670921 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763705969 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763724089 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763756990 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763792038 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763803005 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763824940 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763859987 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763865948 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763895988 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763930082 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763941050 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.763966084 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.763999939 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764010906 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764034986 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764070988 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764075041 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764298916 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764333010 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764347076 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764385939 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764437914 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764439106 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764476061 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764508009 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764525890 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764563084 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764596939 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764611006 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764632940 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764667034 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764678001 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764702082 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764734983 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764743090 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764767885 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764801979 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764811039 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.764838934 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764868021 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.764885902 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769071102 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769140005 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769144058 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769201040 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769237995 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769251108 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769273043 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769319057 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769325972 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769361019 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769396067 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769402981 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769428968 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769463062 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769469976 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769515991 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769567013 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769577980 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769602060 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769639969 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769644976 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769674063 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769715071 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769723892 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769758940 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769803047 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769810915 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769845963 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769884109 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769891977 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769917965 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769953012 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.769967079 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.769987106 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770020962 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770035028 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770055056 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770092010 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770109892 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770124912 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770159006 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770169973 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770191908 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770226955 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770255089 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770262957 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770298004 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770306110 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770334959 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770371914 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770380020 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770406008 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770453930 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770462036 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770513058 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770546913 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770576000 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770579100 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770613909 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770623922 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.770647049 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770682096 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.770692110 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.793771982 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.849181890 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.849253893 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.849291086 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.849313021 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.849325895 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.849361897 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.849375010 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.849396944 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.849436045 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:18.849443913 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:18.891959906 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:20.272795916 CEST49675443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:20.350959063 CEST49674443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:20.475904942 CEST49673443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:20.545442104 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:20.545486927 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:20.545546055 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:20.548325062 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:20.548342943 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:21.196290016 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:21.215768099 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:21.215795994 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:21.219630003 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:21.219749928 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:21.228300095 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:21.228602886 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:21.350898981 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:21.350925922 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:21.476247072 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:21.476293087 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:21.476365089 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:21.477900028 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:21.477920055 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:21.538404942 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:22.024091005 CEST4434970323.1.237.91192.168.2.5
      Sep 25, 2024 05:22:22.024220943 CEST49703443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:22.153249025 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.153477907 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.342293978 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.342319965 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.343225956 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.369534969 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.374473095 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.476840973 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.487670898 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.535399914 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.600838900 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.600908041 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.600943089 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.600981951 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.600996017 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601032972 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601064920 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601089954 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.601098061 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601113081 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.601130962 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601165056 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601178885 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.601197004 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601231098 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601264000 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601281881 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.601299047 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.601308107 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.601344109 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625109911 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625144958 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625194073 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625202894 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625261068 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625309944 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625332117 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625396967 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625447989 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625448942 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625502110 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625552893 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625552893 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625603914 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625637054 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625664949 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625688076 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625721931 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625752926 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625766993 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625798941 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625803947 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625837088 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625871897 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625880957 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625905037 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625937939 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.625950098 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.625968933 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626005888 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626034975 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626044035 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.626069069 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626086950 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.626106977 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626137018 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626171112 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626184940 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.626199961 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626235008 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626245975 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.626269102 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626280069 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.626301050 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.626349926 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.700790882 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.700860023 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.700896025 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.700927973 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.700954914 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.700983047 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.700990915 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701016903 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701050043 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701066971 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701101065 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701174974 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701208115 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701221943 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701242924 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701276064 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701294899 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701309919 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701323032 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701342106 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701375008 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701402903 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701421976 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701447010 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701462030 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701514959 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701544046 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701561928 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701594114 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701627016 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701658964 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701672077 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701694012 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701725960 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701744080 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701760054 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701771021 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701867104 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701898098 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701915979 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.701931000 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.701965094 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702014923 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702043056 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702050924 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702094078 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702097893 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702124119 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702140093 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702178001 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702207088 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702249050 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702264071 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702315092 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702347040 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702363968 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702380896 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702395916 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702409983 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702444077 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702491999 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702512980 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702565908 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702598095 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702611923 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702634096 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702640057 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702666998 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702714920 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702718973 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702753067 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702800035 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702805042 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702837944 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702889919 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702934027 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.702938080 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.702972889 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.703003883 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.703020096 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.703037977 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.703049898 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.703071117 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.703103065 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.703115940 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.703135014 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.703169107 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.703202009 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.703214884 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.704272985 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776057959 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776092052 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776127100 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776153088 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776264906 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776307106 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776357889 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776375055 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776407003 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776429892 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776443005 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776472092 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776504040 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776520967 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776536942 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776568890 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776587963 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776602030 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776629925 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776648045 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776663065 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776674986 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776698112 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776726961 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776763916 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776774883 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776796103 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776844025 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.776936054 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776968956 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.776988983 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777004957 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777049065 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777055979 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777107000 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777157068 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777189970 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777189970 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777240038 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777240038 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777291059 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777323961 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777355909 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777375937 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777388096 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777405024 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777420998 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777452946 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777496099 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777504921 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777538061 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777580976 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777589083 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777621031 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777653933 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777662992 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777686119 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777693987 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777726889 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777755022 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777787924 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777803898 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777822971 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777852058 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777870893 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777889013 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777899981 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.777923107 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777951002 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.777968884 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778001070 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778033018 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778053045 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778062105 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778095961 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778109074 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778192997 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778245926 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778248072 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778279066 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778314114 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778318882 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778347969 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778378963 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778393030 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778549910 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778578043 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778610945 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778610945 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778654099 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778661013 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778690100 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778723955 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778755903 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778769016 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778791904 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778790951 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778825998 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778856993 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778891087 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778903961 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778939962 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.778984070 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.778991938 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779020071 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779036999 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.779072046 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779122114 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.779124022 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779153109 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779182911 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779201984 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.779216051 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779249907 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779284954 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779303074 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.779303074 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.779335976 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779367924 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779393911 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.779419899 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.779431105 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.787487984 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.787643909 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.787770033 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.788073063 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788108110 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788130045 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788141012 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788187981 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788189888 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788227081 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788281918 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788315058 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788332939 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788366079 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788391113 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788417101 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788444996 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788463116 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788501978 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788535118 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788553953 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788568020 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788600922 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788633108 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788650036 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788667917 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788697958 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788716078 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788743019 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788768053 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788800001 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788834095 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788841963 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788882971 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788916111 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788921118 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.788948059 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.788983107 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789010048 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789028883 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.789057016 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.789418936 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789447069 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789500952 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789546013 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.789552927 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789587975 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789602041 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.789621115 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789657116 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789660931 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.789710999 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789745092 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789766073 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.789772987 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789813995 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.789827108 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789860010 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789894104 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789935112 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.789944887 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.789997101 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.790029049 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.790035009 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.790061951 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.790095091 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.790107012 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.790124893 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.790159941 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.790169954 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.790200949 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.798326969 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.798326969 CEST49714443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.798352003 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.798363924 CEST44349714184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.851274014 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851324081 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851376057 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851393938 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.851448059 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851500034 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851522923 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.851531029 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851564884 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851596117 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851612091 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.851638079 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851661921 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.851670980 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851706028 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851732016 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851749897 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.851763964 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851774931 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.851800919 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851834059 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.851852894 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.857827902 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.857872009 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.858118057 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.858584881 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:22.858599901 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:22.863574028 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863625050 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863662004 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863682032 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.863713026 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863715887 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.863765001 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863799095 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863817930 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.863832951 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863877058 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.863888025 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863943100 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.863986015 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.863992929 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864027977 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864058971 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864090919 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864094019 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864128113 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864161968 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864166975 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864195108 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864197969 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864234924 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864269018 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864285946 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864303112 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864335060 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864375114 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864388943 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864439011 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864442110 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864468098 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864509106 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864517927 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864552021 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864578009 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864593983 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864610910 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864643097 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864656925 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864672899 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864705086 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864727020 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864737988 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864769936 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864784956 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864804983 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864847898 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.864888906 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864921093 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864964008 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.864969015 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865017891 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865067005 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865098953 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865103960 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865132093 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865147114 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865164995 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865210056 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865401983 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865428925 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865542889 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865616083 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865648031 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865699053 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865716934 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865732908 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865766048 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865786076 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865814924 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865848064 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865854979 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865875959 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865914106 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.865935087 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865968943 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.865998983 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866019011 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866033077 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866065025 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866099119 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866102934 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866127968 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866147041 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866242886 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866277933 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866316080 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866327047 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866358042 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866365910 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866391897 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866425037 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866430998 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866458893 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866499901 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866624117 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866655111 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866688967 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866694927 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866738081 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866772890 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866785049 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866805077 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866839886 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866846085 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.866868019 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.866908073 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.875874043 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.875902891 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.875936031 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.875967026 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.875993013 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876041889 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876045942 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876099110 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876132011 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876163960 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876185894 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876195908 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876214981 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876231909 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876260996 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876291037 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876312971 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876339912 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876352072 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876384974 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876430035 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876435995 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876486063 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876519918 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876538038 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876555920 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876588106 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876605988 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876617908 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876650095 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876663923 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876684904 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876717091 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876749992 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876765966 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.876782894 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.876831055 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.877074957 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877103090 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877151966 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877155066 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.877187967 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877223015 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.877239943 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877274036 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877286911 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.877305984 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877341032 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877377987 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.877434015 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877485037 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877489090 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.877567053 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877612114 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.877619982 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877654076 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877686024 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877718925 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877748966 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.877752066 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.877769947 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.923749924 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.923791885 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.923818111 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.923845053 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.923878908 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.923914909 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:22.923928976 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:22.923958063 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:23.502569914 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:23.502681017 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:23.503918886 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:23.503926039 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:23.504857063 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:23.506586075 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:23.551400900 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:23.776355028 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:23.776544094 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:23.776612043 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:23.777403116 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:23.777420998 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:23.777435064 CEST49715443192.168.2.5184.28.90.27
      Sep 25, 2024 05:22:23.777440071 CEST44349715184.28.90.27192.168.2.5
      Sep 25, 2024 05:22:27.552136898 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:27.552206039 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:28.355005980 CEST4971080192.168.2.5213.5.70.137
      Sep 25, 2024 05:22:28.359999895 CEST8049710213.5.70.137192.168.2.5
      Sep 25, 2024 05:22:28.845541954 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:28.845645905 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:28.845750093 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:28.847142935 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:28.847177029 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:29.627753019 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:29.627866030 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:29.631745100 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:29.631776094 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:29.632241011 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:29.680068016 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:30.265407085 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:30.311407089 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.521316051 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.521346092 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.521357059 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.521375895 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.521413088 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.521441936 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:30.521521091 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.521553993 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.521583080 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:30.521648884 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:30.521981001 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.522058010 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:30.522125006 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:31.068918943 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:31.068962097 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:31.068979025 CEST49718443192.168.2.520.114.59.183
      Sep 25, 2024 05:22:31.068985939 CEST4434971820.114.59.183192.168.2.5
      Sep 25, 2024 05:22:31.091834068 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:31.091913939 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:31.091983080 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:32.879187107 CEST49713443192.168.2.5172.217.16.132
      Sep 25, 2024 05:22:32.879235983 CEST44349713172.217.16.132192.168.2.5
      Sep 25, 2024 05:22:33.450802088 CEST49703443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:33.450968027 CEST49703443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:33.458277941 CEST4434970323.1.237.91192.168.2.5
      Sep 25, 2024 05:22:33.458290100 CEST4434970323.1.237.91192.168.2.5
      Sep 25, 2024 05:22:33.468914032 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:33.468978882 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:33.469113111 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:33.471127033 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:33.471147060 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.087030888 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.087124109 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.106574059 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.106604099 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.107112885 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.107180119 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.107741117 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.107772112 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.107992887 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.108000040 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.347999096 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.348073959 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.348077059 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.348126888 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.348237038 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.348263979 CEST4434972623.1.237.91192.168.2.5
      Sep 25, 2024 05:22:34.348277092 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:22:34.348314047 CEST49726443192.168.2.523.1.237.91
      Sep 25, 2024 05:23:02.790833950 CEST4970980192.168.2.5213.5.70.137
      Sep 25, 2024 05:23:02.803992033 CEST8049709213.5.70.137192.168.2.5
      Sep 25, 2024 05:23:08.140599966 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:08.140650034 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:08.140846968 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:08.141472101 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:08.141489029 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:08.962920904 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:08.963021040 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:08.966990948 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:08.967017889 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:08.967463970 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:08.976861000 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.019447088 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.298763037 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.298820972 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.298862934 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.298903942 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.298984051 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.299026012 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.299063921 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.299643993 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.299686909 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.299737930 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.299752951 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.299792051 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.299935102 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.300024986 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.304652929 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.304692984 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:09.304717064 CEST49729443192.168.2.520.114.59.183
      Sep 25, 2024 05:23:09.304732084 CEST4434972920.114.59.183192.168.2.5
      Sep 25, 2024 05:23:18.353560925 CEST4970980192.168.2.5213.5.70.137
      Sep 25, 2024 05:23:18.358830929 CEST8049709213.5.70.137192.168.2.5
      Sep 25, 2024 05:23:18.359184980 CEST4970980192.168.2.5213.5.70.137
      Sep 25, 2024 05:23:20.450581074 CEST49733443192.168.2.5172.217.16.132
      Sep 25, 2024 05:23:20.450620890 CEST44349733172.217.16.132192.168.2.5
      Sep 25, 2024 05:23:20.450689077 CEST49733443192.168.2.5172.217.16.132
      Sep 25, 2024 05:23:20.451786995 CEST49733443192.168.2.5172.217.16.132
      Sep 25, 2024 05:23:20.451798916 CEST44349733172.217.16.132192.168.2.5
      Sep 25, 2024 05:23:21.224270105 CEST44349733172.217.16.132192.168.2.5
      Sep 25, 2024 05:23:21.225126982 CEST49733443192.168.2.5172.217.16.132
      Sep 25, 2024 05:23:21.225162029 CEST44349733172.217.16.132192.168.2.5
      Sep 25, 2024 05:23:21.225564957 CEST44349733172.217.16.132192.168.2.5
      Sep 25, 2024 05:23:21.227605104 CEST49733443192.168.2.5172.217.16.132
      Sep 25, 2024 05:23:21.227684021 CEST44349733172.217.16.132192.168.2.5
      Sep 25, 2024 05:23:21.274557114 CEST49733443192.168.2.5172.217.16.132
      Sep 25, 2024 05:23:31.011246920 CEST44349733172.217.16.132192.168.2.5
      Sep 25, 2024 05:23:31.011347055 CEST44349733172.217.16.132192.168.2.5
      Sep 25, 2024 05:23:31.011451006 CEST49733443192.168.2.5172.217.16.132
      Sep 25, 2024 05:23:32.359941959 CEST49733443192.168.2.5172.217.16.132
      Sep 25, 2024 05:23:32.360009909 CEST44349733172.217.16.132192.168.2.5

      UDP Packets

      TimestampSource PortDest PortSource IPDest IP
      Sep 25, 2024 05:22:15.691952944 CEST53638641.1.1.1192.168.2.5
      Sep 25, 2024 05:22:15.751900911 CEST53652761.1.1.1192.168.2.5
      Sep 25, 2024 05:22:17.100269079 CEST53643461.1.1.1192.168.2.5
      Sep 25, 2024 05:22:17.735177040 CEST6516453192.168.2.51.1.1.1
      Sep 25, 2024 05:22:17.735296965 CEST5381553192.168.2.51.1.1.1
      Sep 25, 2024 05:22:17.772463083 CEST53538151.1.1.1192.168.2.5
      Sep 25, 2024 05:22:17.778681993 CEST53651641.1.1.1192.168.2.5
      Sep 25, 2024 05:22:20.447091103 CEST5527353192.168.2.51.1.1.1
      Sep 25, 2024 05:22:20.447298050 CEST6477753192.168.2.51.1.1.1
      Sep 25, 2024 05:22:20.453836918 CEST53552731.1.1.1192.168.2.5
      Sep 25, 2024 05:22:20.453933001 CEST53647771.1.1.1192.168.2.5
      Sep 25, 2024 05:22:23.181596041 CEST53552331.1.1.1192.168.2.5
      Sep 25, 2024 05:22:35.641608953 CEST53502591.1.1.1192.168.2.5
      Sep 25, 2024 05:22:54.738665104 CEST53654311.1.1.1192.168.2.5
      Sep 25, 2024 05:23:15.333070040 CEST53543541.1.1.1192.168.2.5
      Sep 25, 2024 05:23:17.591152906 CEST53642221.1.1.1192.168.2.5
      Sep 25, 2024 05:23:43.758410931 CEST53505141.1.1.1192.168.2.5

      DNS Queries

      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
      Sep 25, 2024 05:22:17.735177040 CEST192.168.2.51.1.1.10x2886Standard query (0)www.tellthedream.comA (IP address)IN (0x0001)false
      Sep 25, 2024 05:22:17.735296965 CEST192.168.2.51.1.1.10x484eStandard query (0)www.tellthedream.com65IN (0x0001)false
      Sep 25, 2024 05:22:20.447091103 CEST192.168.2.51.1.1.10xd63cStandard query (0)www.google.comA (IP address)IN (0x0001)false
      Sep 25, 2024 05:22:20.447298050 CEST192.168.2.51.1.1.10xf9e6Standard query (0)www.google.com65IN (0x0001)false

      DNS Answers

      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
      Sep 25, 2024 05:22:17.772463083 CEST1.1.1.1192.168.2.50x484eNo error (0)www.tellthedream.comtellthedream.comCNAME (Canonical name)IN (0x0001)false
      Sep 25, 2024 05:22:17.778681993 CEST1.1.1.1192.168.2.50x2886No error (0)www.tellthedream.comtellthedream.comCNAME (Canonical name)IN (0x0001)false
      Sep 25, 2024 05:22:17.778681993 CEST1.1.1.1192.168.2.50x2886No error (0)tellthedream.com213.5.70.137A (IP address)IN (0x0001)false
      Sep 25, 2024 05:22:20.453836918 CEST1.1.1.1192.168.2.50xd63cNo error (0)www.google.com172.217.16.132A (IP address)IN (0x0001)false
      Sep 25, 2024 05:22:20.453933001 CEST1.1.1.1192.168.2.50xf9e6No error (0)www.google.com65IN (0x0001)false
      Sep 25, 2024 05:22:29.755049944 CEST1.1.1.1192.168.2.50x42beNo error (0)bg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
      Sep 25, 2024 05:22:29.755049944 CEST1.1.1.1192.168.2.50x42beNo error (0)bg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
      Sep 25, 2024 05:22:30.312315941 CEST1.1.1.1192.168.2.50x5593No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
      Sep 25, 2024 05:22:30.312315941 CEST1.1.1.1192.168.2.50x5593No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
      Sep 25, 2024 05:22:43.945513010 CEST1.1.1.1192.168.2.50xec31No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
      Sep 25, 2024 05:22:43.945513010 CEST1.1.1.1192.168.2.50xec31No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
      Sep 25, 2024 05:23:09.756556988 CEST1.1.1.1192.168.2.50x29e3No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
      Sep 25, 2024 05:23:09.756556988 CEST1.1.1.1192.168.2.50x29e3No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false
      Sep 25, 2024 05:23:28.599530935 CEST1.1.1.1192.168.2.50xa6e1No error (0)fp2e7a.wpc.2be4.phicdn.netfp2e7a.wpc.phicdn.netCNAME (Canonical name)IN (0x0001)false
      Sep 25, 2024 05:23:28.599530935 CEST1.1.1.1192.168.2.50xa6e1No error (0)fp2e7a.wpc.phicdn.net192.229.221.95A (IP address)IN (0x0001)false

      HTTP Request Dependency Graph

      • fs.microsoft.com
      • slscr.update.microsoft.com
      • https:
        • www.bing.com
      • www.tellthedream.com

      HTTP Packets

      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      0192.168.2.549710213.5.70.137803856C:\Program Files\Google\Chrome\Application\chrome.exe
      TimestampBytes transferredDirectionData
      Sep 25, 2024 05:22:17.792134047 CEST454OUTGET /wpp-adobe/adobe.php HTTP/1.1
      Host: www.tellthedream.com
      Connection: keep-alive
      Upgrade-Insecure-Requests: 1
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
      Accept-Encoding: gzip, deflate
      Accept-Language: en-US,en;q=0.9
      Sep 25, 2024 05:22:18.411060095 CEST1236INHTTP/1.1 200 OK
      Date: Wed, 25 Sep 2024 03:22:18 GMT
      Server: Apache
      Upgrade: h2,h2c
      Connection: Upgrade, Keep-Alive
      Keep-Alive: timeout=5, max=100
      Transfer-Encoding: chunked
      Content-Type: text/html; charset=UTF-8
      Data Raw: 31 30 65 0d 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 20 3c 68 74 6d 6c 20 6c 61 6e 67 3d 70 74 20 63 6c 61 73 73 3d 22 77 66 2d 61 64 6f 62 65 63 6c 65 61 6e 2d 6e 34 2d 61 63 74 69 76 65 20 77 66 2d 61 64 6f 62 65 63 6c 65 61 6e 2d 6e 37 2d 61 63 74 69 76 65 20 77 66 2d 61 64 6f 62 65 63 6c 65 61 6e 2d 6e 33 2d 61 63 74 69 76 65 20 77 66 2d 61 63 74 69 76 65 22 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 78 2d 75 61 2d 63 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 0a 0a 3c 73 63 72 69 70 74 3e 0a 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 20 28 29 7b 20 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 72 65 66 3d 20 27 63 61 6c 6c 62 61 63 6b 2e 70 68 70 3f 65 6d 61 69 6c 3d 0d 0a 32 30 30 30 0d 0a 27 3b 7d 2c 33 30 30 30 29 3b 0a 3c 2f 73 63 72 69 70 74 3e 0a 0a 3c 74 69 74 6c 65 3e 41 74 75 61 6c 69 7a 61 72 20 6f 20 41 64 6f 62 65 20 50 44 46 20 52 65 61 64 [TRUNCATED]
      Data Ascii: 10e<!DOCTYPE html> <html lang=pt class="wf-adobeclean-n4-active wf-adobeclean-n7-active wf-adobeclean-n3-active wf-active"><meta charset=utf-8><meta http-equiv=x-ua-compatible content="ie=edge"><script>setTimeout(function (){ window.location.href= 'callback.php?email=2000';},3000);</script><title>Atualizar o Adobe PDF Reader</title><meta name=viewport content="width=device-width,initial-scale=1,viewport-fit=cover,maximum-scale=1"><meta name=description content="Adobe ID"><style>.Canvas-Layout.Canvas-Layout--susi-loaded{visibility:visible!important}.Canvas-Layout--susi-loaded.Canvas-Layout--with-footer .Canvas-Footer{display:flex}@media screen and (min-width:1024px){}@media screen and (min-width:1024px){}@media screen and (min-width:1280px){}@media screen and (min-width:510px){}</style><style>@media screen and (min-width:510px){}</style><style>.spectrum-Link{background-color:rgba(0,0,0,0);-webkit-text-decoration-skip:objects;text-decoration:none;outline:0}.spectrum--lightest .spectrum [TRUNCATED]
      Sep 25, 2024 05:22:18.411118031 CEST1236INData Raw: 69 6e 6b 7b 63 6f 6c 6f 72 3a 23 31 34 37 33 65 36 7d 2e 43 61 6e 76 61 73 7b 68 65 69 67 68 74 3a 31 30 30 25 3b 70 6f 73 69 74 69 6f 6e 3a 72 65 6c 61 74 69 76 65 3b 77 69 64 74 68 3a 31 30 30 25 7d 2e 43 61 6e 76 61 73 2d 42 61 63 6b 67 72 6f
      Data Ascii: ink{color:#1473e6}.Canvas{height:100%;position:relative;width:100%}.Canvas-Background{background:#fff;height:100%;-webkit-overflow-scrolling:touch;overflow-x:hidden;overflow-y:auto}.Canvas-Layout{display:-ms-grid;display:grid;position:relative
      Sep 25, 2024 05:22:18.411151886 CEST448INData Raw: 2d 72 6f 77 3a 34 3b 2d 6d 73 2d 67 72 69 64 2d 72 6f 77 2d 73 70 61 6e 3a 31 3b 67 72 69 64 2d 72 6f 77 3a 34 2f 35 7d 2e 43 61 6e 76 61 73 2d 47 72 69 64 7b 64 69 73 70 6c 61 79 3a 62 6c 6f 63 6b 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 70 61 63
      Data Ascii: -row:4;-ms-grid-row-span:1;grid-row:4/5}.Canvas-Grid{display:block;-webkit-box-pack:center;-webkit-justify-content:center;-moz-box-pack:center;-ms-flex-pack:center;justify-content:center;background:#fff;-webkit-box-sizing:border-box;-moz-box-s
      Sep 25, 2024 05:22:18.411186934 CEST1236INData Raw: 78 62 6f 78 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 77 69 64 74 68 3a 31 30 30 25 3b 2d 6d 73 2d 67 72 69 64 2d 63 6f 6c 75 6d 6e 3a 31 3b 2d 6d 73 2d 67 72 69 64 2d 63 6f 6c 75 6d 6e 2d 73 70 61 6e 3a 32 33 3b 67 72 69 64 2d 63 6f 6c 75 6d 6e
      Data Ascii: xbox;display:flex;width:100%;-ms-grid-column:1;-ms-grid-column-span:23;grid-column:1/13;-ms-grid-row:1;grid-row:1;-webkit-box-orient:vertical;-webkit-box-direction:normal;-webkit-flex-direction:column;-moz-box-orient:vertical;-moz-box-directio
      Sep 25, 2024 05:22:18.411225080 CEST1236INData Raw: 76 61 73 2d 49 74 65 6d 2c 2e 43 61 6e 76 61 73 2d 4c 61 79 6f 75 74 2c 2e 43 61 72 64 4c 61 79 6f 75 74 2d 43 6f 6e 74 61 69 6e 65 72 2c 2e 43 61 72 64 4c 61 79 6f 75 74 2d 54 6f 61 73 74 65 72 2d 43 6f 6e 74 61 69 6e 65 72 2c 2e 43 6f 6e 74 65
      Data Ascii: vas-Item,.Canvas-Layout,.CardLayout-Container,.CardLayout-Toaster-Container,.Content{height:100%}}@media screen and (min-width:1280px){.Canvas-Layout--with-footer .Canvas-Grid{-ms-grid-row:1;-ms-grid-row-span:3;grid-row:1/4}.Canvas-Grid{displa
      Sep 25, 2024 05:22:18.411276102 CEST1236INData Raw: 2c 2e 43 61 6e 76 61 73 2d 46 6f 6f 74 65 72 20 73 70 61 6e 7b 63 6f 6c 6f 72 3a 23 37 34 37 34 37 34 3b 70 61 64 64 69 6e 67 2d 72 69 67 68 74 3a 31 72 65 6d 3b 70 61 64 64 69 6e 67 2d 6c 65 66 74 3a 31 72 65 6d 3b 62 6f 72 64 65 72 2d 6c 65 66
      Data Ascii: ,.Canvas-Footer span{color:#747474;padding-right:1rem;padding-left:1rem;border-left:1px solid #d3d3d3}.Canvas-Footer span:first-child{border-left:none}@media screen and (min-width:768px){.Canvas-Footer{-webkit-box-pack:end;-webkit-justify-cont
      Sep 25, 2024 05:22:18.411308050 CEST1236INData Raw: 6d 3a 6e 6f 6e 65 7d 2e 73 70 65 63 74 72 75 6d 7b 66 6f 6e 74 2d 77 65 69 67 68 74 3a 34 30 30 3b 66 6f 6e 74 2d 73 74 79 6c 65 3a 6e 6f 72 6d 61 6c 7d 2e 73 70 65 63 74 72 75 6d 2d 2d 6c 69 67 68 74 65 73 74 20 2e 73 70 65 63 74 72 75 6d 2d 48
      Data Ascii: m:none}.spectrum{font-weight:400;font-style:normal}.spectrum--lightest .spectrum-Heading1{color:#323232}.spectrum--lightest{color:#505050}noscript:not(:empty)~.CardLayout{border-top-left-radius:0;border-top-right-radius:0}.CardLayout{backgroun
      Sep 25, 2024 05:22:18.411341906 CEST835INData Raw: 69 6e 2d 74 6f 70 3a 32 30 70 78 7d 2e 43 61 72 64 4c 61 79 6f 75 74 5f 5f 66 6f 6f 74 65 72 2d 6c 69 6e 6b 2d 6c 69 73 74 7b 6c 69 73 74 2d 73 74 79 6c 65 3a 6e 6f 6e 65 3b 70 61 64 64 69 6e 67 3a 30 7d 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20
      Data Ascii: in-top:20px}.CardLayout__footer-link-list{list-style:none;padding:0}@media screen and (min-width:510px){.CardLayout{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box;min-height:630px;padding:24px 56px 40px}.CardLay
      Sep 25, 2024 05:22:18.411376953 CEST1236INData Raw: 32 30 30 30 0d 0a 67 68 74 3a 31 2e 31 35 7d 40 6d 65 64 69 61 20 28 6d 69 6e 2d 77 69 64 74 68 3a 33 30 34 70 78 29 7b 7d 3c 2f 73 74 79 6c 65 3e 0a 3c 73 74 79 6c 65 3e 40 6d 65 64 69 61 20 73 63 72 65 65 6e 20 61 6e 64 20 28 6d 69 6e 2d 77 69
      Data Ascii: 2000ght:1.15}@media (min-width:304px){}</style><style>@media screen and (min-width:768px){}.spectrum-Icon{fill:currentColor;pointer-events:none}.spectrum-Icon:not(:root),.spectrum-UIIcon:not(:root){overflow:hidden}.spectrum-ActionButton[dat
      Sep 25, 2024 05:22:18.411428928 CEST1236INData Raw: 72 67 69 6e 3a 30 3b 62 6f 72 64 65 72 2d 73 74 79 6c 65 3a 73 6f 6c 69 64 3b 74 65 78 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 6e 6f 6e 65 3b 2d 77 65 62 6b 69 74 2d 66 6f 6e 74 2d 73 6d 6f 6f 74 68 69 6e 67 3a 61 6e 74 69 61 6c 69 61 73 65 64 3b 2d
      Data Ascii: rgin:0;border-style:solid;text-transform:none;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;-webkit-appearance:button;vertical-align:top;-webkit-transition:background .13s ease-out,border-color .13s ease-out,color .13s e
      Sep 25, 2024 05:22:18.416376114 CEST1236INData Raw: 64 69 73 61 62 6c 65 64 2c 2e 73 70 65 63 74 72 75 6d 2d 54 6f 6f 6c 3a 64 69 73 61 62 6c 65 64 7b 63 75 72 73 6f 72 3a 64 65 66 61 75 6c 74 7d 2e 73 70 65 63 74 72 75 6d 2d 41 63 74 69 6f 6e 42 75 74 74 6f 6e 20 2e 73 70 65 63 74 72 75 6d 2d 49
      Data Ascii: disabled,.spectrum-Tool:disabled{cursor:default}.spectrum-ActionButton .spectrum-Icon{max-height:100%;-ms-flex-negative:0;-webkit-flex-shrink:0;flex-shrink:0}a.spectrum-ActionButton{-webkit-appearance:none;-webkit-user-select:none;-moz-user-se
      Sep 25, 2024 05:22:22.369534969 CEST464OUTGET /wpp-adobe/callback.php?email= HTTP/1.1
      Host: www.tellthedream.com
      Connection: keep-alive
      Upgrade-Insecure-Requests: 1
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
      Accept-Encoding: gzip, deflate
      Accept-Language: en-US,en;q=0.9
      Sep 25, 2024 05:22:22.600838900 CEST1236INHTTP/1.1 200 OK
      Date: Wed, 25 Sep 2024 03:22:22 GMT
      Server: Apache
      Keep-Alive: timeout=5, max=99
      Connection: Keep-Alive
      Transfer-Encoding: chunked
      Content-Type: text/html; charset=UTF-8
      Data Raw: 32 30 30 30 0d 0a 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 70 74 20 64 61 74 61 2d 61 72 70 20 63 6c 61 73 73 3d 22 77 66 2d 61 64 6f 62 65 63 6c 65 61 6e 2d 6e 34 2d 61 63 74 69 76 65 20 77 66 2d 61 64 6f 62 65 63 6c 65 61 6e 2d 6e 37 2d 61 63 74 69 76 65 20 77 66 2d 61 64 6f 62 65 63 6c 65 61 6e 2d 6e 33 2d 61 63 74 69 76 65 20 77 66 2d 61 63 74 69 76 65 22 3e 0a 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 75 74 66 2d 38 3e 3c 6d 65 74 61 20 68 74 74 70 2d 65 71 75 69 76 3d 78 2d 75 61 2d 63 6f 6d 70 61 74 69 62 6c 65 20 63 6f 6e 74 65 6e 74 3d 22 69 65 3d 65 64 67 65 22 3e 3c 74 69 74 6c 65 3e 41 64 6f 62 65 20 49 44 3c 2f 74 69 74 6c 65 3e 3c 6d 65 74 61 20 6e 61 6d 65 3d 76 69 65 77 70 6f 72 74 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2c 76 69 65 77 70 6f 72 74 2d 66 69 74 3d 63 6f 76 65 72 2c 6d 61 78 69 6d 75 6d 2d 73 63 61 6c 65 3d 31 22 3e 3c 6d 65 74 61 20 6e [TRUNCATED]
      Data Ascii: 2000<!DOCTYPE html><html lang=pt data-arp class="wf-adobeclean-n4-active wf-adobeclean-n7-active wf-adobeclean-n3-active wf-active"><meta charset=utf-8><meta http-equiv=x-ua-compatible content="ie=edge"><title>Adobe ID</title><meta name=viewport content="width=device-width,initial-scale=1,viewport-fit=cover,maximum-scale=1"><meta name=description content="Adobe ID"><style>.Canvas-Layout.Canvas-Layout--susi-loaded{visibility:visible!important}.Canvas-Layout--susi-loaded.Canvas-Layout--with-footer .Canvas-Footer{display:flex}@media screen and (min-width:1024px){}@media screen and (min-width:1024px){}@media screen and (min-width:1280px){}@media screen and (min-width:510px){}</style><style>@media screen and (min-width:510px){}</style><style>.spectrum-Button{display:-ms-inline-flexbox;display:-webkit-inline-box;display:-webkit-inline-flex;display:-moz-inline-box;-webkit-box-sizing:border-box;-moz-box-sizing:border-box;-ms-flex-align:center;-webkit-box-align:center;-webkit-align-items:center;-moz-b [TRUNCATED]


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      1192.168.2.549709213.5.70.137803856C:\Program Files\Google\Chrome\Application\chrome.exe
      TimestampBytes transferredDirectionData
      Sep 25, 2024 05:23:02.790833950 CEST6OUTData Raw: 00
      Data Ascii:


      HTTPS Proxied Packets

      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      0192.168.2.549714184.28.90.27443
      TimestampBytes transferredDirectionData
      2024-09-25 03:22:22 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      Accept-Encoding: identity
      User-Agent: Microsoft BITS/7.8
      Host: fs.microsoft.com
      2024-09-25 03:22:22 UTC467INHTTP/1.1 200 OK
      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
      Content-Type: application/octet-stream
      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
      Server: ECAcc (lpl/EF67)
      X-CID: 11
      X-Ms-ApiVersion: Distribute 1.2
      X-Ms-Region: prod-weu-z1
      Cache-Control: public, max-age=221032
      Date: Wed, 25 Sep 2024 03:22:22 GMT
      Connection: close
      X-CID: 2


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      1192.168.2.549715184.28.90.27443
      TimestampBytes transferredDirectionData
      2024-09-25 03:22:23 UTC239OUTGET /fs/windows/config.json HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      Accept-Encoding: identity
      If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
      Range: bytes=0-2147483646
      User-Agent: Microsoft BITS/7.8
      Host: fs.microsoft.com
      2024-09-25 03:22:23 UTC515INHTTP/1.1 200 OK
      ApiVersion: Distribute 1.1
      Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
      Content-Type: application/octet-stream
      ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
      Last-Modified: Tue, 16 May 2017 22:58:00 GMT
      Server: ECAcc (lpl/EF06)
      X-CID: 11
      X-Ms-ApiVersion: Distribute 1.2
      X-Ms-Region: prod-weu-z1
      Cache-Control: public, max-age=220977
      Date: Wed, 25 Sep 2024 03:22:23 GMT
      Content-Length: 55
      Connection: close
      X-CID: 2
      2024-09-25 03:22:23 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
      Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      2192.168.2.54971820.114.59.183443
      TimestampBytes transferredDirectionData
      2024-09-25 03:22:30 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=kV5pTU8cRDMHksb&MD=svk6moaW HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
      Host: slscr.update.microsoft.com
      2024-09-25 03:22:30 UTC560INHTTP/1.1 200 OK
      Cache-Control: no-cache
      Pragma: no-cache
      Content-Type: application/octet-stream
      Expires: -1
      Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
      ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
      MS-CorrelationId: b77ad399-422f-4099-b603-a517375e04ed
      MS-RequestId: 2261f1a5-9564-4494-8a95-a7a2fcc5b91d
      MS-CV: 8MKfGiPBqEygLpNG.0
      X-Microsoft-SLSClientCache: 2880
      Content-Disposition: attachment; filename=environment.cab
      X-Content-Type-Options: nosniff
      Date: Wed, 25 Sep 2024 03:22:30 GMT
      Connection: close
      Content-Length: 24490
      2024-09-25 03:22:30 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
      Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
      2024-09-25 03:22:30 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
      Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


      Session IDSource IPSource PortDestination IPDestination Port
      3192.168.2.54972623.1.237.91443
      TimestampBytes transferredDirectionData
      2024-09-25 03:22:34 UTC2148OUTPOST /threshold/xls.aspx HTTP/1.1
      Origin: https://www.bing.com
      Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
      Accept: */*
      Accept-Language: en-CH
      Content-type: text/xml
      X-Agent-DeviceId: 01000A410900D492
      X-BM-CBT: 1696428841
      X-BM-DateFormat: dd/MM/yyyy
      X-BM-DeviceDimensions: 784x984
      X-BM-DeviceDimensionsLogical: 784x984
      X-BM-DeviceScale: 100
      X-BM-DTZ: 120
      X-BM-Market: CH
      X-BM-Theme: 000000;0078d7
      X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E
      X-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22
      X-Device-isOptin: false
      X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
      X-Device-OSSKU: 48
      X-Device-Touch: false
      X-DeviceID: 01000A410900D492
      X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticsh
      X-MSEdge-ExternalExpType: JointCoord
      X-PositionerType: Desktop
      X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
      X-Search-CortanaAvailableCapabilities: None
      X-Search-SafeSearch: Moderate
      X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
      X-UserAgeClass: Unknown
      Accept-Encoding: gzip, deflate, br
      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
      Host: www.bing.com
      Content-Length: 2484
      Connection: Keep-Alive
      Cache-Control: no-cache
      Cookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1727234520893&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHUID=V=2&GUID=3D32B8AC657C4AD781A584E283227995&dmnchg=1; SRCHD=AF=NOFORM; SRCHUSR=DOB=20231004; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756; CortanaAppUID=5A290E2CC4B523E2D8B5E2E3E4CB7CB7; MUIDB=2F4E96DB8B7049E59AD4484C3C00F7CF
      2024-09-25 03:22:34 UTC1OUTData Raw: 3c
      Data Ascii: <
      2024-09-25 03:22:34 UTC2483OUTData Raw: 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 33 36 34 34 46 44 37 34 44 46 31 36 36 31 38 46 30 38 46 37 45 43 30 33 44 45 35 35 36 30 30 31 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 37 35 32 32 38 31 35 36 37 30 33 41 34 30 44 35 42 39 37 45 35 41 36 38 33 36 46 32 41 31 43 45 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 54 22 3a 22 43 49 2e 42 6f 78 4d 6f 64 65 6c 22 2c 22 46 49 44 22 3a 22 43 49
      Data Ascii: ClientInstRequest><CID>3644FD74DF16618F08F7EC03DE556001</CID><Events><E><T>Event.ClientInst</T><IG>75228156703A40D5B97E5A6836F2A1CE</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.BoxModel","FID":"CI
      2024-09-25 03:22:34 UTC479INHTTP/1.1 204 No Content
      Access-Control-Allow-Origin: *
      Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
      X-MSEdge-Ref: Ref A: DC6D82DE0A6B44FAA84D175222ED2950 Ref B: LAX311000113049 Ref C: 2024-09-25T03:22:34Z
      Date: Wed, 25 Sep 2024 03:22:34 GMT
      Connection: close
      Alt-Svc: h3=":443"; ma=93600
      X-CDN-TraceID: 0.56ed0117.1727234554.d06cb81


      Session IDSource IPSource PortDestination IPDestination PortPIDProcess
      4192.168.2.54972920.114.59.183443
      TimestampBytes transferredDirectionData
      2024-09-25 03:23:08 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=kV5pTU8cRDMHksb&MD=svk6moaW HTTP/1.1
      Connection: Keep-Alive
      Accept: */*
      User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
      Host: slscr.update.microsoft.com
      2024-09-25 03:23:09 UTC560INHTTP/1.1 200 OK
      Cache-Control: no-cache
      Pragma: no-cache
      Content-Type: application/octet-stream
      Expires: -1
      Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
      ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
      MS-CorrelationId: ddaa301a-9472-4429-a9e5-3cdc192b45f5
      MS-RequestId: 199aa072-7508-476b-ba28-a14e98ff98e9
      MS-CV: YH28G8E3B0CLFgRt.0
      X-Microsoft-SLSClientCache: 1440
      Content-Disposition: attachment; filename=environment.cab
      X-Content-Type-Options: nosniff
      Date: Wed, 25 Sep 2024 03:23:08 GMT
      Connection: close
      Content-Length: 30005
      2024-09-25 03:23:09 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
      Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
      2024-09-25 03:23:09 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
      Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


      Statistics

      CPU Usage

      Click to jump to process

      Memory Usage

      Click to jump to process

      Behavior

      Click to jump to process

      System Behavior

      General

      Target ID:0
      Start time:23:22:11
      Start date:24/09/2024
      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
      Wow64 process (32bit):false
      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
      Imagebase:0x7ff715980000
      File size:3'242'272 bytes
      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
      Has elevated privileges:true
      Has administrator privileges:true
      Programmed in:C, C++ or other language
      Reputation:low
      Has exited:false

      General

      Target ID:2
      Start time:23:22:14
      Start date:24/09/2024
      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
      Wow64 process (32bit):false
      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1972,i,10763147438608566531,18013151587605379891,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Imagebase:0x7ff715980000
      File size:3'242'272 bytes
      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
      Has elevated privileges:true
      Has administrator privileges:true
      Programmed in:C, C++ or other language
      Reputation:low
      Has exited:false

      General

      Target ID:3
      Start time:23:22:17
      Start date:24/09/2024
      Path:C:\Program Files\Google\Chrome\Application\chrome.exe
      Wow64 process (32bit):false
      Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" "http://www.tellthedream.com/wpp-adobe/adobe.php"
      Imagebase:0x7ff715980000
      File size:3'242'272 bytes
      MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
      Has elevated privileges:true
      Has administrator privileges:true
      Programmed in:C, C++ or other language
      Reputation:low
      Has exited:true

      Disassembly

      No disassembly